iOS 14.4 Patches Vulnerabilities That May Have Been Actively Exploited

by

Apple today released iOS 14.4 and iPadOS 14.4, and along with a handful of minor new features, the software introduces security fixes for three vulnerabilities that may have been used in the wild.

14
According to a security support document shared by Apple, there were kernel and WebKit vulnerabilities affecting all iPhones and iPads running iOS or iPadOS 14. The kernel vulnerability could allow a malicious application to elevate privileges, and Apple says it is aware of a report that the issue may have been actively exploited.

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher

Apple also says a WebKit issue that allowed for a remote attacker to cause arbitrary code execution may have been actively exploited.

Available for: ‌iPhone‌ 6s and later, ‌iPad Air‌ 2 and later, ‌iPad mini‌ 4 and later, and ‌iPod touch‌ (7th generation)
Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher

There is no other information available at this time, but Apple's support document says that additional information will be "available soon."

Given that significant vulnerabilities are patched in the iOS 14.4 and iPadOS 14.4 updates, those running iOS 14 should update as soon as possible.

Related Roundups: iOS 14, iPadOS 14

Top Rated Comments

LFC2020 Avatar
LFC2020
5 weeks ago
Great work apple, you don’t get this kind of support with android, may the walled garden continue to blossom. ???
Score: 9 Votes (Like | Disagree)
Unregistered 4U Avatar
Unregistered 4U
5 weeks ago
The security researchers I admire? These ones:

CVE-2021-1782: an anonymous researcher
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher

Never have to worry about if they’re doing it to drive business or for publicity :)
Score: 7 Votes (Like | Disagree)
fhall1 Avatar
fhall1
5 weeks ago

Remember updating to that abortion OS called Catalina???
Nope - so far my machines are still running Mojave
Score: 6 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
5 weeks ago
I am glad Apple is so proactive in this area.
Score: 5 Votes (Like | Disagree)
zorinlynx Avatar
zorinlynx
5 weeks ago
I wonder if these holes are in iOS 12; lots of iPhone 6 users still out there, like my mom.
Score: 5 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
5 weeks ago

And this, folks, is why one should always stay up to date.
Exactly. Too many people around here don't update their device because they afraid of performance. In my opinion, security takes precedence.
Score: 4 Votes (Like | Disagree)
Read All Comments

Top Stories

microsoft edge ios android

Bill Gates Says His Preference for Android Over iPhone is Due to Pre-Installed Software

Friday February 26, 2021 3:35 am PST by
Microsoft co-founder Bill Gates this week participated in his first meeting on Clubhouse, the increasingly popular invite-only conversation app, where he fielded a range of questions as part of an ongoing book tour. Gates was interviewed by journalist Andrew Ross Sorkin, and given that the Clubhouse app is currently only available on iOS, naturally one of the questions that came up was...
Read Full Article284 comments
First Look Big Sur Feature2

Apple Releases macOS Big Sur 11.2.2 to Prevent MacBooks From Being Damaged by Third-Party Non-Compliant Docks

Thursday February 25, 2021 10:07 am PST by
Apple today released macOS Big Sur 11.2.2, the fourth update to the macOS Big Sur operating system that launched in November. macOS Big Sur 11.2.2 comes two weeks after the release of macOS Big Sur 11.2.1, a bug fix update. The new ‌‌‌‌macOS Big Sur‌‌‌ 11.2.2‌ update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences....
Read Full Article239 comments
flat mbp 14 inch feature yellow

Redesigned 14-Inch MacBook Pro Expected to Feature Brighter Mini-LED Display With Slimmer Bezels and More

Thursday February 25, 2021 7:48 am PST by
Apple plans to unveil new 14-inch and 16-inch MacBook Pro models with Mini-LED-backlit displays in the second half of this year, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The report claims that Radiant Opto-Electronics will be the exclusive supplier of the Mini-LED backlight units, while Quanta Computer is said to be tasked with final assembly of the...
Read Full Article203 comments
Top Stories 47 Feature copy

Top Stories: MacBook Pro, iMac, and AirPods Rumors, macOS 11.2.2, MagSafe Wallet Revisited

Saturday February 27, 2021 6:00 am PST by
March is right around the corner, and that means our first good opportunity for Apple product launches in 2021 as the company frequently has significant launches in March or April each year. We're hearing rumors about MacBook Pro, iMac, AirPods, and more, although many of these will be coming out at different times over the course of the year. This week also saw a macOS update to address a ...
Read Full Article31 comments
maxresdefault

HomeKit Essentials Worth Checking Out

Saturday February 27, 2021 7:05 am PST by
HomeKit was slow to take off after its 2014 launch, but now that it's been around for seven years, there are hundreds of HomeKit products available, ranging from doorbells and speakers to TVs, lights, and cameras. In our latest YouTube video, we rounded up some of our favorite HomeKit products that we find most useful. Subscribe to the MacRumors YouTube channel for more videos. HomePod...
Read Full Article100 comments
apple store macarthur center

Apple Store at MacArthur Center in Virginia Permanently Closing Following Years of Safety Issues at Shopping Mall

Thursday February 25, 2021 4:45 pm PST by
Apple today indicated that its retail store at the MacArthur Center shopping mall in Norfolk, Virginia will be permanently closing after over 14 years of business, although an exact closure date has yet to be announced by the company. Apple has assured that it will be offering all employees at the store other positions within Apple, and said that it looks forward to continuing to serve...
Read Full Article64 comments
jon prosser imac 2021colors

Prosser: 2021 iMac to Come in Five Colors, Apple Silicon Mac Pro to Resemble 'Stacked' Mac Minis

Wednesday February 24, 2021 7:26 am PST by
Hit-and-miss leaker Jon Prosser has today alleged that the upcoming 2021 iMac models will offer five color options, mirroring the colors of the fourth-generation iPad Air, and revealed a number of additional details about the Mac Pro with Apple Silicon. In a new video on YouTube channel FrontPageTech, Prosser explained that the redesigned iMacs will come featuring options for Silver, Space ...
Read Full Article297 comments
apple refurbished m1 mac mini

Apple Begins Selling Refurbished M1 Mac Mini

Thursday February 25, 2021 6:42 pm PST by
Apple today began selling certified refurbished Mac mini models with the M1 chip for the first time in the United States and Canada, with prices discounted by approximately 15 percent compared to brand new models as usual. For example, a refurbished Mac mini with the M1 chip, 256GB of SSD storage, and 16GB of unified memory is available for $759, compared to $899 brand new. Other custom...
Read Full Article96 comments
mac mini developer transition kit photo feature

Apple Requiring Developers to Return DTK Mac Minis by March 31

Friday February 26, 2021 3:57 pm PST by
Apple today sent out emails to developers who are in possession of a Developer Transition Kit, asking them to return the machines by March 31. The Developer Transition Kits are Mac minis with A12Z chips that Apple provided for development purposes ahead of the release of the M1 Macs. Apple in the emails provided developers with shipping instructions, and plans to begin collecting the DTKs...
Read Full Article164 comments
m1 mac mini

M1 Mac Users Report Excessive SSD Wear

Tuesday February 23, 2021 7:07 am PST by
Over the past week, some M1 Mac users have been reporting alarming SSD health readings, suggesting that these devices are writing extraordinary amounts of data to their drives (via iMore). Across Twitter and the MacRumors forums, users are reporting that M1 Macs are experiencing extremely high drive writes over a short space of time. In what appear to be the most severe cases, M1 Macs are sai...
Read Full Article693 comments