A patch to Apple operating systems addresses a dangerous vulnerability to the security of iPads,  iPhones, and Macintosh computers. Information Technology Services urges users to install iOS 15.3.1 and iPadOS 15.3.1 updates.

The vulnerability, CVE-2022-22620, affects all web browsers or apps that use web browsing in the background on Apple devices. It allows the device to be infected with malware simply by browsing a web page or having a malicious advertisement displayed.

“This is an extremely dangerous vulnerability because it can be triggered by clicking a link or viewing an advertisement created for the sole purpose of activating the virus,” says Kevin Macnaughton, team leader – security, Information Technology Services. “What amplifies the risk is that many mobile device apps have in-app web browsers. For example, Twitter or Facebook apps have this functionality. That means attackers can send a request that infects the device while you are using a popular app.”

What should you do to avoid the CVE-2022-22620 vulnerability?

• Apply operating system patches for your devices immediately. If your device is no longer supported, consider using a different device until you can upgrade or replace your device.
• Never click unknown links or links that you do not need to.

To learn more about cybersecurity, visit uwindsor.ca/cybersecurity.

If you have a question about your cybersecurity, contact the IT Service Desk via live chat found in the bottom right corner of uwindsor.ca/itservices or www.uwindsor.ca/itshelp, or phone 519-253-3000, ext. 4440.