Apple releases fix for a bug that could affect iPhone, iPad, and Mac which could lead to arbitrary code execution by visiting malicious web content.
Like most bugs, this is a memory-related bug and affects WebKit, the browser behind Safari on iPhones and MacBooks. Apple has introduced security upgrades to macOS Big Sur 11.2.3 and iOS 14.4.1 and iPadOS 14.4.1.
In general, Apple has not released much information about this bug but recognizes that the problem is that its browser is at risk of processing malicious web content “which could lead to arbitrary code execution”.
The bug, Named CVE-2021-1844, was discovered by Clément Lecigne of Google’s Threat Analysis Group and Alison Huffman from a Microsoft browser risk research team.
Apple does not say whether this bug was exploited before the update. Both security researchers are notable.
IOS updates are available for the iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation).
IOS 14.4.1 is now available worldwide and contains a 138MB update. “This update provides important security updates and is recommended for all users,” Apple said. iPhone owners can go to the Settings app and check for software updates to find the patch.
It is always easy to install but, as usual, the process takes a few minutes while the device fixes the update and users will need to wait for the device to restart.