Open in app

Sign in

Write

Sign in

Are you aware of these security bugs on your iPhone?

RP
decoding.com.au
Published in
2 min readJan 28, 2021
Are you aware of these security bugs on your iPhone? — Decoding

Apple recently discovered three new security bugs of iOS 14 and iPadOS 14 that opened a backdoor for hackers. The updates about vulnerabilities published on Apple’s Security Update page. As it is a critical security loophole, Apple hasn’t disclosed full details about the compromised part of iPadOS and iOS 14. But Apple released new iOS 14.4 and iPadOS 14.4 as part of the security patches updated.

Affected devices due to the iOS 14.4 and iPadOS 14.4 security bugs:

Apple confirmed the list of devices got affected by these vulnerabilities as below. And if you are a user of one of these devices, please update your iPhone or iPad with iOS 14.4 and iPadOS 14.4 ASAP. But keep in mind that it’s not yet 100% secure and Apple will update once security bugs fully patched.

  • iPhone 6S and later
  • iPad Air 2 and later
  • iPad Mini 4 and later
  • iPod Touch (7thGen)

The security bugs on iOS 14:

There were three security bugs found in iOS 14 where one in the OS kernel allowed hackers to exploit and elevate privileges. Apple found other two security bugs in the WebKit, which allowed attackers to execute malicious code via the Safari browser. All three security bugs could get access to your iPhone or iPad and possibly abstract the sensitive information.

Below is the information about iPadOS and iOS 14 security bugs published by Apple.

Kernel

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: A race condition was addressed with improved locking.

CVE-2021–1782: an anonymous researcher

WebKit

Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A logic issue was addressed with improved restrictions.

CVE-2021–1871: an anonymous researcher

CVE-2021–1870: an anonymous researcher

Read full post at decoding.com.au

Also read:

6 Ultimate iOS 14 Privacy Features for Pro iPhone Users - Decoding

Apple always keeps improving its product line from every edge and doesn't matter its hardware or software. Recently…

decoding.com.au

Originally published at https://decoding.com.au on January 28, 2021.

IPhone
IOS
Security
Smartphones
Apple

--

--

RP
decoding.com.au

Written by RP

2 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams