Apple has issued an urgent security advisory urging iPhone users to update their devices after identifying two serious software vulnerabilities that were exploited in what the company described as “extremely sophisticated” attacks.
In a security bulletin released this week, Apple said the flaws affected WebKit, the browser engine used by Safari and all third-party browsers on iOS. The vulnerabilities could allow attackers to execute malicious code simply by getting a user to visit a compromised website.
Apple confirmed that the vulnerabilities were actively exploited but stressed that the attacks appeared to be highly targeted, rather than widespread.
“Apple is aware of a report that these issues may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in its advisory.
The company released emergency software updates for iPhones, iPads and other Apple devices to address the flaws. Users were strongly advised to install the latest updates immediately to ensure protection.
While some reports have suggested the warning applies to all of Apple’s estimated 1.8 billion iPhone users worldwide, cybersecurity experts note that the attacks referenced by Apple do not indicate a mass compromise of devices. Instead, the warning reflects the seriousness of the vulnerabilities and the potential risk if devices remain unpatched.
Apple did not disclose who was behind the attacks or which individuals were targeted, citing security reasons.
The advisory comes amid growing global concern over zero-day vulnerabilities — previously unknown software flaws that can be exploited before developers have time to issue fixes.
Apple said it continues to investigate the incidents and reiterated the importance of keeping devices up to date with the latest security patches. (Newswire)