On Monday Apple released yet another recent security update for iOS 14.5.1, macOS 11.3, iPadOS 14.5, and watchOS 7.4.1. The latest update contains critical security patches that need to be installed immediately.
The updates were released to fix three zero-day flaws and expand patches for a fourth vulnerability. The iOS 14.5.1 security issues have been exploited by malicious agents. The threat actors might be using the security vulnerabilities fixed in iOS 14.5.1 to target the iPhone users. Apple in a statement clearly warned the users about the update. They said that it provides important security updates and all the users must need to update their device to fix the vulnerability.
The flaws concern the WebKit. It is a browser engine developed by Apple and used by Safari on iOS, macOS, and iPadOS. A summary of the three security flaws are as follows:
- CVE-2021-30663: It was an integer overflow vulnerability that can be exploited to craft malicious web content and can lead to code execution. The flaw was addressed with improved input validation.
- CVE-2021-30665: The security flaw was about a memory corruption issue that can be exploited to craft malicious web content and lead to code execution. The vulnerability was addressed with improved state management.
- CVE-2021-30666: It was a buffer overflow flaw that can be exploited to craft malicious web content and can lead to code execution. It was addressed with improved memory handling.
Three of the four fixed vulnerabilities have been identified by the researchers from Beijing belonging to Qihoo 360 security firm. While the fourth vulnerability is flagged by an anonymous researcher.
The company has kept itself away from sharing any details about the flaws that are now fixed. It is not the first time that Apple experiences such vulnerability. The company has now a list of such updates where user privacy is at great risk.
If you are an Apple user then you need to update your device soon because the security flaws can cause you great harm. So, be careful and stay secure.
