Skip to main content
  1. Home
  2. Computing
  3. News

This major Apple bug could let hackers steal your photos and wipe your device

By

Apple’s macOS and iOS are often considered to be more secure than their rivals, but that doesn’t make them invulnerable. One security team recently proved that by showing how hackers could exploit Apple’s systems to access your messages, location data, and photos — and even wipe your device entirely.

The discoveries were published on the blog of security research firm Trellix, and will be of major concern to iOS and macOS users alike, since the vulnerabilities can be exploited on both operating systems. Trellix explains that Apple patched the exploits in macOS 13.2 and iOS 16.3, which were released in January 2023, so you should update your devices as soon as you can.

A physical lock placed on a keyboard to represent a locked keyboard.
piranka / Getty Images

Apple protects its systems by requiring apps to be signed by approved developers, by sandboxing apps to prevent them from accessing areas they should not, and by almost entirely removing the ability to dynamically run arbitrary code. Combined, those measures help macOS and iOS become highly secure — but apparently not secure enough.

Recommended Videos

Trellix’s blog post explains that the infamous cyberintelligence organization NSO Group bypassed some of these protections in 2021 by exploiting Apple’s NSPredicate system. In short, NSPredicate is one of the few elements of macOS and iOS that can dynamically generate code — something that was thought to be absent from Apple’s operating systems. NSO Group discovered this and used it to craft its Pegasus spyware.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, Max (HBO), and more

This exploit was dubbed FORCEDENTRY, and Apple patched it shortly after its discovery in late 2021. Trellix’s work, however, has shown that Apple’s patches can be easily bypassed, rendering them useless.

In fact, Trellix claims it has found an entire class of bugs that can be exploited this way, granting hackers access to a user’s calendar, address book, photos, camera, microphone, and more. Some bugs could even be used to wipe your device in its entirety.

Trellix passed on the details of the exploits it discovered to Apple, and they were patched earlier this year. That means you should download the fixes — contained in macOS 13.2 and iOS 16.3 and later versions — as soon as you can. These exploits also serve as a helpful reminder that, despite the company’s reputation for strong security, no Apple product is invulnerable to attack. Ensuring your device is up to date is a great way to keep it safe.

Alex Blake
Alex Blake
Computing Writer
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
Topics

Editors’ Recommendations

Apple could finally fix Siri on iPhones with help from Google’s Gemini
Gemini Live on an iPhone.

“Find me a decent coffee shop where I can sit and get work done?” I uttered into my iPhone’s mic. 

“I’ll need to use ChatGPT to write that.” That was Siri’s response in my interaction with Apple’s voice assistant just over a week ago. Google’s Gemini assistant helped me the way I expected it to. 

Read more
Apple is right to make iPadOS more Mac-like, but I’ll never buy an iPad that runs macOS
Magic Keyboard and iPad Pro.

Do you use a Mac or an iPad? Huge numbers of people use both, yet there are growing calls for Apple to merge the two devices into some kind of all-in-one super product. I’m not one of those people -- in fact I think it would be a terrible idea -- and I’m determined to steer clear of any hypothetical iPad that runs macOS.

Over the past few years, Apple’s best iPads have grown closer to the Mac. We’ve seen the devices get outfitted with Mac-grade chips like the M4, gain macOS-like software features such as Stage Manager, and gain increased compatibility with mice and keyboards.

Read more
WWDC 2025: everything you need to know
We expect to see new versions of iOS, iPadOS, watchOS, macOS, visionOS and tvOS at WWDC 2025
Apple WWDC 2025 logo

Apple's annual Worldwide Developer Conference (or WWDC 2025 for short in the case of this year's iteration) is a major event where significant software updates tend to take the center stage.

At WWDC 2025, Apple is expected to showcase changes to iOS, iPadOS, macOS, watchOS and tvOS that will substantially improve how we interact with the iPhone, iPad, Mac, Apple Watch and Apple TV.

Read more