iPhone and iPad users are strongly recommended to update their devices to iOS 17.4 and iPadOS 17.4, respectively, as soon as possible. The updates fix two major security vulnerabilities that may have already been exploited on some devices.
In the security support document for the updates, Apple says that it “is aware of a report” that RTKit and kernel vulnerabilities may have been exploited by bad actors.
Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
iOS 17.4 and iPadOS 17.4 fixes the memory corruption issue with improved validation to patch the security hole.
The updates also address an Accessibility vulnerability as well as an issue with Safari Private Browsing that could allow locked tabs to be briefly visible while switching tab groups.
The iOS 17.4 and iPadOS 17.4 updates can be downloaded and installed on compatible iPhones and iPads over-the-air by going to “Settings” -> “General” -> “Software Update.”
