News

iOS 14.4 and iPadOS 14.4 Now Available to the Public – Patches Vulnerabilities That May Have Been Already Exploited

Apple today released iOS 14.4 and iPadOS 14.4 to the public. Version 14.4 includes patches for vulnerabilities that may have already been actively exploited by bad actors.

Apple was notified by an anonymous security researcher and Apple included an emergency patch in iOS 14.4.  Apple says the kernel vulnerability could allow a malicious application to elevate privileges, and it is aware that the issue may have been actively exploited.

iOS 14.4 and iPadOS 14.4

Released January 26, 2021

Kernel

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: A race condition was addressed with improved locking.

CVE-2021-1782: an anonymous researcher

WebKit

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A logic issue was addressed with improved restrictions.

CVE-2021-1871: an anonymous researcher

CVE-2021-1870: an anonymous researcher

Additional details available soon.

iOS 14.4 and iPadOS 14.4 are available as an over-the-air update on eligible devices, in the Settings app. To access the new software, go to “Settings” -> “General” -> “Software Update.

iOS 14.4 and iPadOS 14.4 also include mnumerous other improvements and fixes.

iOS 14.4

iOS 14.4 includes the following improvements for your iPhone:

  • Smaller QR codes can be recognized by Camera
  • Option to classify Bluetooth device type in Settings for correct identification of headphones for audio notifications
  • Notifications for when the camera on your iPhone is unable to be verified as a new, genuine Apple camera in iPhone 12, iPhone 12 mini, iPhone 12 Pro and iPhone 12 Pro Max

This release also fixes the following issues:

  • Image artifacts could appear in HDR photos taken with iPhone 12 Pro
  • Fitness widget may not display updated Activity data
  • Typing may be delayed and word suggestions may not appear in the keyboard
  • The keyboard may not come up in the correct language in Messages
  • Audio stories from the News app in CarPlay may not resume after being paused for spoken directions or Siri
  • Enabling Switch Control in Accessibility may prevent phone calls from being answered from the Lock Screen

For information on the security content of Apple software updates, please visit this website:

https://support.apple.com/kb/HT201222

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.