Apple releases security reports that could allow hackers to take full control

SAN FRANCISCO - Apple disclosed serious security vulnerabilities on iPhones, iPads and Macs that could allow attackers to take complete control of these devices.

Apple AAPL released two security reports on Wednesday, but they didn't receive much attention outside of tech publications.

A hacker could have full admin access to the device because of Apple's explanation of the vulnerability. That would allow intruders to impersonate the device's owner and run software in their name, said Rachel Tobac, CEO of SocialProof Security.

Security experts have advised users to update affected devices — the iPhone 6 S and later models, several models of the iPad, including the 5th generation and later, all iPad Pro models and the iPad Air 2 and Mac computers running MacOS Monterey. Some iPod models are affected by the flaw.

Apple did not say how, where and by whom the vulnerabilities were discovered, in the reports. In all cases, it cited an anonymous researcher.

Commercial spyware companies such as Israel's NSO Group are known for exploiting flaws, exploiting them in malware that inflicts targets phones, siphons their contents and surveils the targets in real time.

The NSO Group has been blacklisted by the U.S. Commerce Department. Its spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.

Security researcher Will Strafach said he had not seen a technical analysis of the vulnerabilities that Apple has just patched. The company has acknowledged similarly serious flaws, and has known that such security holes have been exploited, in what Strafach estimated to be perhaps a dozen times.