Apple released iOS 14.4, which included patches to fix some security flaws that hackers could use to gain access to your device.
Apple recently released its iOS 14.4 update, bringing along a host of new and improved features, including patches for several security flaws that hackers could actively exploit to access your device. The Cupertino tech giant said that these vulnerabilities could allow malicious applications to raise their privileges, which hackers could then use to gain access to the innermost sections of your device.
Reports suggest that hackers exploited the vulnerability issue in older versions of the iOS to access and steal information from an Apple device. For its part, the company said it is aware of the report about security flaws, which is why in the latest iOS 14.4 update, Apple included patches to fix these bugs.
Kernel Vulnerability
In a new Support document that Apple published earlier today, the Cupertino tech giant revealed that the iOS 14.4 update fixes kernel vulnerability and WebKit security vulnerabilities. The company said that these three security vulnerabilities "may have been actively exploited" by hackers to allow them access to your device.
Apple said that its iOS 14.4 update patches a security flaw in the kernel, which affects iPhone 6s and later models, as well as the iPad Air 2 and later models. The company also revealed that the 7th generation iPod touch and iPad mini 4, as well as its later models, also have the same vulnerabilities. According to the Cupertino tech giant, malicious applications can use these security flaws and vulnerabilities to elevate their privileges, allowing hackers to access and steal information from your device.
Privilege escalation and remote code execution exploits in iOS 14.3. Gross.
Update to 14.4 and don't wait.https://t.co/KZG66PwfSZ — Susan Potter (@SusanPotter) January 27, 2021
WebKit Vulnerabilities
Apple, through its Support document, also stated that the iOS 14.4 update also patched two vulnerabilities in the device's WebKit, the browser engine that Safari uses. Like the kernel vulnerability, the security flaws also affect the same devices already mentioned. Apple said that with such a security flaw, a hacker could execute an arbitrary code remotely. The company addressed the bug with improved restrictions, though it did not provide a detailed description of how it fixed the bug.
Many industry observers, however, took notice of Apple's admission that such vulnerabilities and security flaws "may have been actively exploited." As the Cupertino tech giant did not provide any details, no one knows outside of Apple who exploited the bugs, or who might have fallen, victim. The company promised though to provide additional details about the vulnerabilities and security flaws in the future, as well as how they fixed them with iOS 14.4 update patches.
