MobileNews

Apple says iOS 14.4 patches 3 security flaws that ‘may have been actively exploited’

In addition to the new features detailed earlier today, iOS 14.4 also brings a trio of notable security improvements. In a new Support document published this afternoon, Apple said that iOS 14.4 fixes a kernel vulnerability and two WebKit vulnerabilities, all three of which “may have been actively exploited.”

First, Apple says that iOS 14.4 patches a security vulnerability in the kernel affecting iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation). The company only provides a brief description of the details:

  • Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: A race condition was addressed with improved locking.

iOS 14.4 also patches two vulnerabilities in WebKit, which is the browser engine used by Safari, affecting the same aforementioned devices:

  • Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: A logic issue was addressed with improved restrictions.

As TechCrunch rightfully points out, it’s unusual for Apple to denote that a security vulnerability “may have been actively exploited.” The company did not provide any information on who might have fallen victim:

It’s not known who is actively exploiting the vulnerabilities, or who might have fallen victim. Apple did not say if the attack was targeted against a small subset of users or if it was a wider attack. Apple granted anonymity to the individual who submitted the bug, the advisory said.

Apple says that additional details about these vulnerabilities will be provided in the future, but no additional information is currently available. Apple says that all three vulnerabilities were reported by anonymous security researchers.

iOS 14.4 is available to users via an over-the-air update in the Settings app. Simply open the Settings app, choose General, then choose Software Update. With these major security improvements included, we highly recommend updating as soon as possible.


Check out 9to5Mac on YouTube for more Apple news:

Check out the latest Apple iPhones at great prices from Gizmofashion – our recommended retail partner.


Author: Chance Miller
Source: 9TO5Google

Related posts
AI & RoboticsNews

The show’s not over: 2024 sees big boost to AI investment

AI & RoboticsNews

AI on your smartphone? Hugging Face’s SmolLM2 brings powerful models to the palm of your hand

AI & RoboticsNews

Why multi-agent AI tackles complexities LLMs can’t

DefenseNews

US Army buys long-flying solar drones to watch over Pacific units

Sign up for our Newsletter and
stay informed!