iOS 14.4 Patches Vulnerabilities That May Have Been Actively Exploited
Apple today released iOS 14.4 and iPadOS 14.4, and along with a handful of minor new features, the software introduces security fixes for three vulnerabilities that may have been used in the wild.
According to a security support document shared by Apple, there were kernel and WebKit vulnerabilities affecting all iPhones and iPads running iOS or iPadOS 14. The kernel vulnerability could allow a malicious application to elevate privileges, and Apple says it is aware of a report that the issue may have been actively exploited.
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher
Apple also says a WebKit issue that allowed for a remote attacker to cause arbitrary code execution may have been actively exploited.
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher
There is no other information available at this time, but Apple's support document says that additional information will be "available soon."
Given that significant vulnerabilities are patched in the iOS 14.4 and iPadOS 14.4 updates, those running iOS 14 should update as soon as possible.
Popular Stories
Apple's annual four-day Black Friday through Cyber Monday shopping event is returning on Friday, November 28 through Monday, December 1 in many countries, including the United States, Canada, Australia, New Zealand, France, Germany, Italy, Spain, the United Kingdom, Belgium, the Netherlands, Sweden, Thailand, and others.
During the shopping event, customers can get an Apple gift card with...
iOS 26.2 is currently in beta testing. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics for Apple Music, and more.
In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date.
Keep reading...
Apple has begun selling the Hikawa Phone Grip and Stand, a new limited-edition iPhone accessory designed with accessibility in mind.
Designed by LA-based Bailey Hikawa to celebrate the 40th anniversary of accessibility at Apple, the grip uses magnets to securely snap onto any iPhone with MagSafe.
Apple says it can be removed with ease, and doubles as a stand with two different viewing...
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max.
One thing worth...
Black Friday is just over a week away, and iPad deals have finally started to flood in at retailers like Amazon and Best Buy. Below we're tracking discounts on every current generation iPad, including lowest-ever prices on M3 iPad Air and M5 iPad Pro, plus steep markdowns on iPad and iPad mini.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a ...
Apple's eighth-generation iPad mini is highly likely to arrive next year, offering a significant refresh of the device with at least four major new features.
OLED Display
The next-generation version of the iPad mini could feature an OLED display, as part of Apple's plan to expand the display technology across many more of its devices. Apple's first OLED device was the Apple Watch in 2015, ...
Apple Watch owners have been voicing their frustration online over changes to the Workout app that Apple introduced in watchOS 26, with many finding the redesigned interface makes starting exercises difficult and exasperating.
When Apple launched watchOS 26 in September, the Workout app went from large, easily tapped workout tiles to a scrolling, corner-button interface. Instead of tapping a ...
In select U.S. states, residents can add their driver's license or state ID to the Apple Wallet app on the iPhone and Apple Watch, and then use it to display proof of identity or age at select airports and businesses, and in select apps.
Earlier this week, Illinois became the 13th state in the U.S. to offer the feature. Subsequently, we shared a list of additional states that are committed...
Google today announced a new cross-platform feature that allows for file sharing between iPhone and Android users. With AirDrop on the iPhone and QuickShare on Pixel 10 devices, there is a new file transfer function available.
The file sharing option works on Apple devices that include iPhone, iPad, and Mac, along with the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL, and Pixel 10 Fold....
