2:00pm, 4 May 2021
TLP Rating:
Vulnerabilities in Apple devices reportedly being actively exploited
Apple has released updated versions to fix vulnerabilities in macOS, iOS, ipadOS, and watchOS. The updates fix significant weaknesses in the system that could allow an attacker to gain access to the device. There have been reports that these vulnerabilities are being actively exploited.
CERT NZ recommends anyone using these operating systems to immediately update their devices.
What's happening
Systems affected
Apple has stated the vulnerabilities affect devices running:
- macOS
- iOS
- iPadOS
- watchOS
For a complete list of products that can be updated see the full list on Apple's website. External Link
What to do
Prevention
Anyone who has an Apple device should immediately update to the latest versions:
- iOS and iPadOS 14.5.1 for modern devices
- macOS 11.3.1
- watchOS 7.4.1
For most devices, a pop-up should alert you that an update is available – select ‘Update Now’.
If you do not receive a pop up message, follow these steps:
Settings > System > Software Update. In there, select “Update Software”.
For further information on affected devices and the update, see Apple's security notification. External Link
For further information about updating devices see CERT NZ's guide to updating your devices.
CERT NZ recommends anyone who has a device that is not able to receive updates should replace their devices. For further information see our guide on end-of-life devices.
More information
Apple security updates External Link
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
Report an incident to CERT NZ.
For media enquiries, email our media desk at media@mbie.govt.nz or call the MBIE media team on 027 442 2141.