Apple decided to release the new iOS 14.4 and iPadOS 14.4 updates last Tuesday after a vulnerability was discovered by an anonymous researcher. The individual discovered that attackers can remotely hack certain models of iPhones, iPads, and iPods.
Ever since then, Apple has been proactive in letting its users know of the threats. It used its own support page to outline two security threats that were fixed by the latest OS update, version 14.4. According to Apple, both security threats have already been exploited.
As discovered by Apple, one vulnerability allowed remote hackers to access a device using WebKit, a web browser rendering engine. This means that attackers could control a phone “from a distance.”
Luta Security CEO and founder Katie Moussouris says that the threat is linked to internet browsing. The executive shared that “Your regular web browsing may cause you to be held compromised, without having to do really much of anything else.”
The other threat that Apple discovered is a malicious application that has the potential to elevate user privileges. The threat, known as a kernel vulnerability, is a more serious risk for users. Since the kernel is considered as “part of the brain of the operating system,” you’ll know that it is a serious problem.
Apple says that they have already fixed the vulnerabilities via their latest OS update. If you are an iOS and iPadOS user, it may be best that you upgrade your device.
Source: 1