iOS/iPadOS 14.4 fixes 0-day vulnerabilities

Posted on 2021-01-27 by guenni

[German]Apple has just released iOS 14.4 and iPadOS 14.4 as a security update. The update closes three vulnerabilities that are exploited by 0-day exploits.

Advertising

I came across the issue via the following tweet. There Costin Raiu highlights the three vulnerabilities CVE-2021-1782 (race condition in the kernel), as well as CVE-2021-1871 and CVE-2021-1870, which Apple states in this document.  

iOS 14.4 security update

With the latter vulnerabilities, a remote attacker may be able to execute arbitrary code. Apple is aware of a report that this issue may have been actively exploited. Users of iPhone 6s and newer, iPad Air 2 and newer, iPad mini 4 and newer, and iPod touch (7th generation) should update quickly.

Advertising
This entry was posted in devices, Security and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).