IOS 14.4 is available to users via an over-the-air update in the Settings app. Apple says that all three vulnerabilities were reported by anonymous security researchers. Apple granted anonymity to the individual who submitted the bug, the advisory said.Īpple says that additional details about these vulnerabilities will be provided in the future, but no additional information is currently available. Apple did not say if the attack was targeted against a small subset of users or if it was a wider attack. It’s not known who is actively exploiting the vulnerabilities, or who might have fallen victim. Description: A logic issue was addressed with improved restrictions.Īs TechCrunch rightfully points out, it’s unusual for Apple to denote that a security vulnerability “may have been actively exploited.” The company did not provide any information on who might have fallen victim:.Apple is aware of a report that this issue may have been actively exploited. Impact: A remote attacker may be able to cause arbitrary code execution.IOS 14.4 also patches two vulnerabilities in WebKit, which is the browser engine used by Safari, affecting the same aforementioned devices: Description: A race condition was addressed with improved locking.Impact: A malicious application may be able to elevate privileges.The company only provides a brief description of the details: In a new Support document published this afternoon, Apple said that iOS 14.4 fixes a kernel vulnerability and two WebKit vulnerabilities, all three of which “may have been actively exploited.”įirst, Apple says that iOS 14.4 patches a security vulnerability in the kernel affecting iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation). The update also brings Time to Walk for Apple Fitness+ subscribers and expands the ECG app for the Apple Watch Series 4 and later to Japan, Mayotte, Philippines, and Thailand.In addition to the new features detailed earlier today, iOS 14.4 also brings a trio of notable security improvements. The WatchOS 7.3 update for Apple Watch brings the Unity watch face, which is inspired by the colours of the Pan-African Flag. The update also fixed a problem with the default keyboard that caused a delay in typing and showing word suggestions on some devices. It brings a list of new features and improvements including a feature that notifies iPhone 12 mini, iPhone 12, iPhone 12 Pro, and the iPhone 12 Pro Max users when their camera is unable to be verified as a genuine Apple camera. The last major update from Apple for its iPhone and iPad models was iOS 14.4 released in January this year. It will also introduce the controversial App Tracking Transparency feature, a new permissions dialogue box that apps would be required to show before sharing user information with third-parties. iOS 14.5 will hit the market with feature enhancements including the ability to unlock iPhone using Apple Watch when you are wearing a face mask. In case you haven't received a notification on your compatible Apple devices, you can go to Settings > Software Update and tap on Install Now.Īpple is currently in the process of beta testing iOS and iPadOS 14.5, which is expected to reach users by April. The watchOS 7.3.3 fixes the security issue for Apple Watch Series 3 and later. The iOS and iPadOS 12.5.2 patch is applicable for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). The iPadOS 14.2.2 is for iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). The iOS 14.4.2 update applies to iPhone 6s and later. The current updates for are only a security fix and do not include any new features. The tech giant said that it was “aware of a report that this bug was getting exploited”. A new major update for the latest iPhone, iPad, and Apple Watch models is due later this year.Īpple has said that it has detected a bug in WebKit that could allow a malignant website to perform activate random cross-site scripting. Apple had released iOS 14.4, iPadOS 14.4, and watchOS 7.3 feature update in January. The Cupertino-based company has also released iOS 12.5.2 and iPadOS 12.5.2 to patch the WebKit security issue in older iPhone and iPad models running on iOS 12. Apple said that the WebKit flaw may have been exploited. The updates fix a security flaw in WebKit, the browser engine developed by Apple and used in its Safari Web browser, which is also mandated for use in all third party browsers on iOS. Apple has released iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3 patch updates to fix a vulnerability in its latest devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |