If you own an Apple iPhone or iPad, we suggest that you scan for a software update immediately. If you haven’t already installed iOS 14.4 on it, we suggest you do so to ensure you’ve got the most recent security patches.
Apple has posted a rather worrying blog on its support page that essentially points out that those without the update on their devices are vulnerable to exploitation from malignant outsiders.
A report on TechCrunch states that Apple’s latest update is aimed at fixing three vulnerabilities that may allow you to be targeted as you read this. Most worryingly of all is the fact that one of these vulnerabilities is targeted at the kernel, which Apple says may give intruders the ability to increase their privileges on a device, enabling them to steal data and cause serious damage.
The meat of the blog post is below:
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher
So we suggest you start your day on the right foot and leave nothing to chance. Open your iOS device, and go to Settings > General > Software Update, and download the update. You’ll be glad you did.