Critical vulnerability found in Apple TV operating system

Although reports of critical security failures in Apple operating systems are not very common, it is possible to encounter them relatively frequently with cybersecurity alerts of considerable or moderate seriousness.

One of the most recent reports refers to a flaw in Apple tvOS, the operating system included in Apple TV devices present in all versions up to 13.3.0. The vulnerability affects an as yet unidentified feature in a component called Webkit Page Loading; researchers have not yet determined the impact of their potential exploitation.

The security flaw, tracked as CVE-2020-3864, was revealed this week by researcher Ryan Pickren and has already been notified to Apple users through the company’s official platforms.

So far technical details about the flaw are unknown, although some versions claim that exploits are already available for sale on various hacking forums. Cases of exploitation in real-world scenarios are also unknown.

According to Apple and the cybersecurity firms that have tracked the incident, users only need to update their vulnerable deployments to version 13.3.1. Although there are other workarounds, it is recommended to install the official company update. Additional details about the vulnerability could be revealed as soon as the company decides that the risk of exploitation in real-world scenarios is past.