Apple has released an important update for iPhone, iPad, Apple Watch and Mac devices in order to combat a worrying security vulnerability.
iOS 14.4.1, iPadOS 14.4.1, watchOS 7.3.2 and macOS 11.2.3 are now rolling out to users, addressing a memory corruption problem within the WebKit, the browser engine that powers Safari.
“This update provides important security updates and is recommended for all users,” Apple says in the release notes (via 9to5Mac).
Within the release notes, Apple says the vulnerability pertains to “processing maliciously crafted web content may lead to arbitrary code execution.” Roughly translated, that means the attacker can do anything they want on your device. Yikes! This is one you should probably install on your various Apple devices quickly.
The zero-day vulnerability was discovered by Google and Microsoft security researchers. It is not known whether the security flaw had been exploited in the wild.
Here are the release notes from Apple notes:
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research
The updates can be installed in the usual manner, via Settings > Software updates. Right now we’re still awaiting the launch of iOS 14.5, which will offer a new way to use Face ID while wearing a mask, and updated Find My app, 200 new emoji and support for the new PS5 DualSense and Xbox Series X/S controller. However, today’s update will be just as important if it takes care of this dangerous security issue.
Are you looking forward to the new features in iOS 14.5 and iPadOS 14.5 when it arrives in the coming weeks? Let us know @trustedreviews on Twitter.