Apple security issues apparently skyrocketed in 2021

By Sead Fadilpašić
published

Number of abused Apple flaws increased four times in just a year, report claims

Apple
(Image credit: Apple)

The number of flaws discovered and abused inside Apple’s ecosystem skyrocketed in the second half of 2021, new research has claimed. 

A report from Atlas VPN says cybercriminals found, and exploited, a total of 380 new vulnerabilities across Apple's software offerings in the second half of 2021, up 467% compared to the first half of the year.

Most of the exploits concern Safari, the company’s internet browser, as well as the operating system (OS) itself. “Due to all Apple (opens in new tab) software being interchangeable and connected, one found vulnerability can usually affect all devices,” the researchers say.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab)

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

Among the most dangerous vulnerabilities for Apple devices is CVE-2021-30858, it was further stated, as it comes with a severity score of 8.8. It targets iPhones and iPads with iOS version 14.8, as well as Mac endpoints (opens in new tab) with macOS Big Sur 11.6. 

The flaw allows threat actors to execute arbitrary code, which means they could install malware or ransomware on the target device, or do a myriad of other malicious activities (for example, data exfiltration or login credentials theft).

The researchers believe cyber-crooks’ rising focus on Apple is due to the ever-increasing popularity of its products:

“Products owned by tech giants such as Apple or Google are used by billions of people worldwide. That makes billions of users vulnerable to exploits found by cybercriminals,” says Vilius Kardelis, cybersecurity writer at Atlas VPN. “To stay away from such threats and keep your devices safe, people should always update their software to the latest version.”

Read more

> Apple accused of recklessness over iOS security vulnerability (opens in new tab)

> Sign in with Apple vulnerability could have led to account takeovers (opens in new tab)

> Apple releases urgent security fix for iPhone and Mac devices (opens in new tab)

From a raw numbers perspective, though, it’s Google and Microsoft that have had most vulnerabilities exploited in the second half of the year. Google accumulated a total of 511 vulnerabilities, mostly within Android, and the Chrome browser. 

Microsoft was second, with a total of 428 vulnerabilities. Most of them were found in Windows, Office, and the browser - Microsoft Edge.

Apple has been contacted for comment.

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

See more Computing news