Apple has released iOS 14.4, which contains three security fixes. Apple has said in the release notes that these vulnerabilities are potentially exploitable by hackers.
The California-based tech company released a report explaining the nature of the latest update and the previous security holes. Apple also notes that “a remote attacker may be able to cause arbitrary code execution.”.
There has been no further explanation from Apple regarding details and actual figures. TechCrunch notes that Apple refused to provide any more information than what is available on the website.
As of now, the number of people who have fallen victims to these issues remains unknown. Similarly, there is no information on whether someone attempted to exploit the bugs.
Attackers Could Take Control Through The Browser
The bugs were found in WebKit. WebKit is a browser engine that supports the default Safari browser on Apple devices. While it is rare for a single vulnerability to hand one’s device over to an attacker completely, a combination of multiple vulnerabilities could undoubtedly affect a device’s integrity.
This exploit means that attackers could control one’s device if the user happened to visit a website that the attackers control.
An Update That Can’t-Wait
While there is no need to panic over this, the 14.4 update isn’t something that users should wait for before applying. We have a habit of stalling OS updates because of the trouble of having to restart our devices. But the iOS 14.4 is one of the most critical updates in a while in terms of security and privacy.
Apple has mentioned on the site that it will be providing details soon. Once that releases, we will have an idea of how many devices were affected. Additionally, we’ll also know how many attackers had identified the bug before Apple did.
Back In October, a group of White-Hat hackers led by Sam Curry had identified 55 vulnerabilities in Apple’s network.