This message was sent to U-M IT groups on Wednesday, 10/27/21. It is intended for U-M staff who are responsible for managing or are using any Apple devices, including mobile devices, and it applies to both UM-owned and personally-owned devices.
Summary
Apple has released updates to patch vulnerabilities in multiple products, including those running Mac OS, iOS, and Apple watches. Some of the vulnerabilities could allow for remote code execution.
Problem
An attacker could exploit some of the vulnerabilities in Apple products to take control of an affected system.
Affected Systems
Apple devices using OS versions older than the ones listed here are affected:
Action Items
Apply updates to affected Apple devices immediately after appropriate testing.
-
MiWorkspace users: Apply available updates to your MiWorkspace Macs as soon as possible. Updates are already available in the Managed Software Center.
-
U-M devices that are not managed by MiWorkspace or MiServer: Apply updates immediately after appropriate testing.
-
Personally owned devices: Apply updates to your personal Mac OS, iOS, and Apple watch devices as soon as possible. It is recommended that you keep personally-owned devices updated at all times, and it is required if you use those devices for U-M business.
Threats
There are currently no reports of these vulnerabilities being exploited in the wild.
How We Protect U-M
-
MiWorkspace machines: A patch is available for MiWorkspace managed Macs. Please take time to apply any outstanding patches as soon as possible. Applying patches when they become available is the best protection for your UM-managed systems and devices.
-
Personally managed or personally owned devices: It is your responsibility to secure any personally-managed U-M devices or personally-owned devices used for U-M business. ITS IA provides guidance on the Safe Computing website in the sections Manage U-M Workstations and Secure Your Devices to help you secure systems and devices you manage or personally own.
-
ITS provides CrowdStrike Falcon to units, which should be installed on all U-M owned systems (Windows, macOS, and Linux operating systems, whether workstations or servers). If you need assistance installing Falcon on a UM-owned device, contact your unit's Falcon admin or Security Unite Liaison (SUL).
Questions, Concerns, Reports
Please contact ITS Information Assurance through the ITS Service Center.
References
-
Apple Releases Security Updates for Multiple Products, Cyberstructure & Infrastructure Security Agency, 10/27/21
-
Apple releases iOS 14.8.1 and iPadOS 14.8.1 with several critical security updates, Macworld, 10/26/21