Apple urges iPhone and iPad users to update their iOS right away. The tech giant says it is critical to update the iPhone’s iOS to 14.4 as it patched three exploits, that are used by hackers to break into iPhones and iPads.
Apple released the iOS 14.4 update on iPhone and iPad 14.4 on iPad respectively the other day. These two updates are for bug fixes and some other minor features. Apple published the update details and acknowledged that three vulnerabilities were patched in the new software. Though it is nothing out of ordinary, this particular update seems to be critical.
On the support webpage, Apple said three security flaws may have been actively exploited. Without many specific details, Apple says they do not disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are available.
As reported by ‘an anonymous researcher’ Apple found about a remote attacker may be able to cause arbitrary code execution, while Kernel, an Apple developer framework was also affected. Last year, Google researchers found several websites with code that allows hackers to infiltrate iPhones. The iOS13 bug exposes contact details on the iPhone with the need for any passcode or biometric identification.
On its support webpage, Apple acknowledged the bugs as below:
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher
This post was last modified on %s = human-readable time difference 4:37 pm
In an advantage to the exclusive OTT audiences, the theatrical window for most of the…
Pushpa 2 is making a magnanimous entry into theaters on December 5th. But the powerful…