A patch to Apple operating systems addresses a dangerous vulnerability to the security of iPads, iPhones, and Macintosh computers. Information Technology Services urges users to install iOS 15.3.1 and iPadOS 15.3.1 updates.
The vulnerability, CVE-2022-22620, affects all web browsers or apps that use web browsing in the background on Apple devices. It allows the device to be infected with malware simply by browsing a web page or having a malicious advertisement displayed.
“This is an extremely dangerous vulnerability because it can be triggered by clicking a link or viewing an advertisement created for the sole purpose of activating the virus,” says Kevin Macnaughton, team leader – security, Information Technology Services. “What amplifies the risk is that many mobile device apps have in-app web browsers. For example, Twitter or Facebook apps have this functionality. That means attackers can send a request that infects the device while you are using a popular app.”
What should you do to avoid the CVE-2022-22620 vulnerability?
- Apply operating system patches for your devices immediately. If your device is no longer supported, consider using a different device until you can upgrade or replace your device.
- Never click unknown links or links that you do not need to.
To learn more about cybersecurity, visit uwindsor.ca/cybersecurity.
If you have a question about your cybersecurity, contact the IT Service Desk via live chat found in the bottom right corner of uwindsor.ca/itservices or www.uwindsor.ca/itshelp, or phone 519-253-3000, ext. 4440.