Alerts

We highlight current cyber security threats in New Zealand, and provide guidance on what to do if they affect you.

2:00pm, 4 May 2021

TLP Rating: White

Vulnerabilities in Apple devices reportedly being actively exploited

Apple has released updated versions to fix vulnerabilities in macOS, iOS, ipadOS, and watchOS. The updates fix significant weaknesses in the system that could allow an attacker to gain access to the device. There have been reports that these vulnerabilities are being actively exploited.

CERT NZ recommends anyone using these operating systems to immediately update their devices.

What's happening

Systems affected

Apple has stated the vulnerabilities affect devices running:

  • macOS
  • iOS
  • iPadOS
  • watchOS

For a complete list of products that can be updated see the full list on Apple's website. External Link

What to do

Prevention

Anyone who has an Apple device should immediately update to the latest versions:

  • iOS and iPadOS 14.5.1 for modern devices
  • macOS 11.3.1
  • watchOS 7.4.1

For most devices, a pop-up should alert you that an update is available – select ‘Update Now’.

If you do not receive a pop up message, follow these steps:

Settings > System > Software Update. In there, select “Update Software”.

For further information on affected devices and the update, see Apple's security notification. External Link

For further information about updating devices see CERT NZ's guide to updating your devices.   

CERT NZ recommends anyone who has a device that is not able to receive updates should replace their devices. For further information see our guide on end-of-life devices.

 

More information

Apple security updates External Link

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.

Report an incident to CERT NZ.

For media enquiries, email our media desk at media@mbie.govt.nz or call the MBIE media team on 027 442 2141.