Apple has released security updates to fix vulnerabilities in iOS 15, Safari 15, watchOS 8, iTunes 12.12 for Windows, Xcode 13, and tvOS 15.
A hacker could exploit some of these vulnerabilities to take control of affected devices.
The latest iOS 15 and iPadOS 15 security update released on September 20 addressed 22 vulnerabilities. None of these have known public exploits in the wild.
Of note, 3 of the vulnerabilities could result in arbitrary code execution with kernel or system privileges:
- CVE-2021-30837: Accessory Manager
- CVE-2021-30838: Apple Neural Engine
- CVE-2021-30857: Kernel.
Moreover, Apple also fixed 5 other vulnerabilities that could result in arbitrary code execution.
The update is available for iPhone 6s and later, andiPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Last week, Apple previously released a security update for macOS Big Sur 11.6, but no new macOS updates were released this week.
Moreover, the Apple Safari 15 security update fixed 4 WebKit vulnerabilities. None of these have known public exploits in the wild.
The update is available for systems running macOS Catalina and macOS Mojave.
The latest Apple Watch 8 security update addressed 15 vulnerabilities in all.
The update is available for Apple Watch Series 3 and later models.
Finally, Apple provided fixes for the following products:
Readers can check out the latest Apple security updates page for more details.
- Apple security updates for iOS 14.8, macOS Big Sur 11.6 and other products (warns of active exploits in the wild)
- Apple fixes watchOS vulnerability (CVE-2021-30807) exploited in the wild
- Apple fixes zero-day vulnerability (CVE-2021-30807) in macOS Big Sur and iOS
- Apple security updates for iOS 14.7, macOS Big Sur 11.5 and other products