Since the flaws might have been ‘actively abused,’ you can upgrade as soon as possible.
Apple has released patches for iOS, iPadOS, macOS, and watchOS about a week after releasing massive upgrades to its operating systems. The fixes, according to the company’s service materials, fix WebKit bugs that may have been abused.
“Maliciously designed web content [that] could lead to arbitrary code execution” was one of the problems.
Memory corruption and integer overflow issues on macOS and iOS, as well as buffer overflow and usage after free issues on older iOS computers, were among the issues.
Apple also launched iOS 14.5.1, iPadOS 14.5.1, macOS Big Sur 11.3.1, and watchOS 7.4.1 to fix the bugs.
Owners of older iPhones, iPads, and iPod touches that aren’t compatible with new models of iOS should instead download and update iOS 12.5.3.
Given Apple’s belief that the bugs might have been “successfully abused,” it’s a smart idea to get the patches installed as soon as possible.
Nimbin, the ultra-secure encryption technology used for a slew of apps like Dropbox and Netflix, was found to be at risk of a large-scale security vulnerability by researchers at iOS security firm Veracode.
The technique that allows the Mac app to encrypt or decrypt data remains vulnerable to hackers who can sniff or spoof network traffic.
“Based on our investigation, we believe that two known vulnerabilities are likely being exploited by the attacker to cause vulnerabilities in iOS apps,” the team said.
The flaws lie in code that can allow attackers to hijack or manipulate the remote data transmission from the iOS device to the remote servers that operate on the software’s platform. It could also allow attackers to remotely execute malicious code or take over devices and web services with the push of a button, while this vulnerability has existed for over two years, Apple has failed to patch.