Get up from the bed, and update your iPhone right now. Apple has released its iOS 14.4 update with fixes to three critical vulnerabilities that are possibly being exploited as we speak.
The iPhone maker hasn’t listed too many details about the bugs, apart from saying that they “may have been actively exploited.” One vulnerability is related to the kernel where the attacker could increase their privilege level (like becoming an admin) and cause serious damage to your device or steal your data.
[Read: How this company leveraged AI to become the Netflix of Finland]
The other two anomalies are related to Apple’s WebKit rendering engine that powers Safari; they allow attackers to execute arbitrary code that could be used to snoop on you. We don’t know if this is possible remotely or if the attacker would need physical access to the device.
In time, we might get to know more about these bugs, but it’s important that you update your iPhone to iOS 14.4 now.
To do that, go to Settings > General > Software Update, and download the patch.
In 2019, Google’s Project Zero team revealed that a targeted malware exploited bugs iPhone to steal data for two years before they were resolved. Usually, companies like Apple don’t disclose details of bugs under attack. However, given the scale of impact on iPhone owners, it had to at least ask them to update their devicesthis time aroud.
Did you know we have a newsletter all about consumer tech? It’s called Plugged In –
and you can subscribe to it right here.
Published January 27, 2021 — 05:13 UTC