About the author
–
–
The final versions of iOS 14.4 and iPadOS 14.4 finally hit the network on Tuesday. Although both systems may seem insignificant as updates, it is worth knowing that they improve not only functionality, but also security. Apple informs about patching as many as three important vulnerabilities that the company believes could be actively used.
Error number one, labeled CVE-2021-1782, was detected in the kernel and is related to a non-zero propagation time. According to Apple, its use can lead to escalation of permissions by malicious applications. Errors CVE-2021-1870 and CVE-2021-1871 found their way to Safari, or actually WebKit engine, opening up the possibility of remote code execution for a potential attacker.
Understandably, the manufacturer does not want to disclose the details of any of these vulnerabilities, at least until the patches are widely distributed. There is, however, reasonable suspicion that these are errors of the greatest importance. Service The Hacker News przypominathat vulnerabilities of this class found in iOS 13.5.1 were used in last year’s attacks on Al Jazeera journalists.
How does this translate into practice? – someone will ask. There is no magic: if you have an iPhone or iPad, just update it as soon as possible. The more that iOS 14.4 and iPad 14.4 are more than just increased security. Among other important novelties, it is worth mentioning, among others reading smaller QR codes in photos, the ability to classify Bluetooth devices and adding notifications about a non-original camera module.
The new systems compatibility list includes iPhones 6s or newer, iPad Air 2 or newer, iPad mini 4 or newer, and the 7th generation iPod Touch.
– .