Vulnerability in Apple iOS reportedly being actively exploited
Apple has released iOS, iPadOS and tvOS version 14.4 containing fixes for three vulnerabilities affecting Webkit and the operating system’s kernel. There have been reports that these vulnerabilities are being actively exploited. CERT NZ is urging all users of these operating systems to immediately update their devices.
Apple have stated the vulnerabilities affect three of their operating systems:
For a complete list of products that are able to be updated see the full list on Apples website External Link .
What this means
There are three specific vulnerabilities that Apple have announced and patched, as follows:
These vulnerabilities allow attackers to cause arbitrary code execution and escalate privileges.
What to do
Immediately update your Apple iOS, iPadOS and tvOS devices to version 14.4 where the update is available. For most users, a pop-up should alert you that an update is available – select ‘Update Now’.
If you do not receive a pop up message, follow these steps:
Settings > System > Software Update. In there, select “Update Software”.
For further information on affected devices and the update, see Apple's security notification. External Link
For further information about updating devices, see CERT NZ's guide to updating your devices.
CERT NZ recommend that users of devices that are not able to receive updates look to replace their devices. For further information, see our guide on end-of-life devices.