Client Alerts | Align

CISA WARNS OF NEW VULNERABILITY AFFECTING CERTAIN iOS DEVICES

Written by Align | 2022

Tuesday, October 25th, CISA, the Cybersecurity and Infrastructure Security Agency, identified the Apple iOS and iPadOS Out-of-Bounds Write Vulnerability and added to its Known Exploited Vulnerabilities Catalog.  

What Are the Vulnerabilities? 

  • CVE-2022-42827 is an out-of-bounds write issue in the iOS and iPadOS kernel, which can be exploited to allow a malicious application to execute arbitrary code with kernel privileges.
  • To view the CISA Known Exploited Vulnerabilities Catalog click here.  
  • To learn more about the Apple Vulnerability click here. 

Who is Affected? 

  • This affects owners of iPhone 8 and later, iPad Pro (all models), iPad Air 3rd Generation and later, iPad 5th Generation and later, iPad mini 5th Generation and later

What Should You Do?

  • WHAT CAN YOU DO?

    The Align Cybersecurity team recommends that all apple device owners immediately install the iOS 16.1 and iPadOS 16 which also come with fixes for 19 additional CVE-numbered security issues. 

    Please feel free to reach out to Align at any of the emails below:

     

  • How to install the updates
    • Apple users can update their iPhones and iPads by going to Settings > General > Software Update and their Macs by going to System Preferences > Software Update.

Additional Information and Cybersecurity Guidance: 

Do you have further other cybersecurity concerns? 

If so, we advise you to contact the Align Managed Services team at help@align.com or via phone at +1 855-IT-ALIGN (1-855-482-5446)

Thank you,

The Align Team

Account Management Team email: AccountMGMT@align.com
Align Managed Services Team email: help@align.com 
Cyber Team email - cyber@align.com
Alex Bazay, CISO - abazay@align.com
Dan Lyons, Sales and Business Development - dlyons@align.com
Phone: 1 855-IT-ALIGN (1-855-482-5446)
View full post