Apple Urges Immediate iPhone Update to Block Active Online Hacks

Apple Urges Immediate iPhone Update to Block Active Online Hacks

There’s a new version of Apple’s iOS software for iPhone and iPad devices, and as usual, Apple is going to start pestering users to update. This time, the nagging comes with a little more urgency. According to Apple, iOS 14.4 includes several important fixes for vulnerabilities that are being actively exploited in the wild.

There are three bugs addressed in the new update: CVE-2021-1782, which is a kernel vulnerability, along with CVE-2021-1871 and CVE-2021-1870 in the WebKit browser engine. Apple notes in the security update alert that all three issues may have been “actively exploited.” That means someone other than Apple and the anonymous researcher who reported the bugs knows about them and is using them to compromise devices. How many devices? Apple won’t say. It could be a highly targeted campaign aimed at a single company or organization, or it could be widespread enough that you should avoid coffee shop Wi-Fi.

Apple is urging everyone to update to iOS 14.4 as quickly as possible. However, it has not provided any details on the nature of the bugs. While the vulnerabilities are floating around in some circles, the internet at large doesn’t know how the exploits work. The more details Apple provides, the easier it’ll be for others to figure it out. Apple will release more details “soon,” but it might be a formality at that point.

Apple (and Google, for that matter) rolls out regular patches that fix bugs and vulnerabilities, but most of the security holes are minor, or at least undisclosed. The goal is to get everyone updated before the specifics of the flaw become public. This was the case in early 2020 when Google discovered a major iOS Wi-Fi vulnerability. It was reported privately to Apple and patched before anyone could use it against iPhone owners. Well, unless you never updated, in which case, you’re in trouble. That trouble is compounded if you don’t update now.

Apple Urges Immediate iPhone Update to Block Active Online Hacks

Unfortunately, Apple’s reputation on updates isn’t as sterling as it once was. The performance and battery changes Apple made in the name of optimizing older phones got it in hot water, leading to a $500 million “Batterygate” class action judgment in 2020. The follow-on effect is that some iPhone users have learned to be distrustful of iOS updates. That’s a problem at times like this when there are critical flaws in the OS that have become the basis for damaging hacks.

Most iPhone and iPad owners should be able to get the update for their devices. Apple says iOS 14.4 compatibility goes all the way back to the iPhone 6S, iPad Air 2, iPad Mini 4, and 7th Gen iPod Touch. If you’ve got one of these devices or something newer, iOS 14.4 should be available in your settings.

Continue reading

Protect Your Online Privacy With the 5 Best VPNs
Protect Your Online Privacy With the 5 Best VPNs

Investing in a VPN is a smart choice right now, but the options are vast. To help narrow things down a bit, we've rounded up five of our very favorite consumer services.

Chromebooks Gain Market Share as Education Goes Online
Chromebooks Gain Market Share as Education Goes Online

Chromebook sales have exploded in the pandemic, with sales up 90 percent and future growth expected. This poses some challenges to companies like Microsoft.

The PlayStation 5 Will Only Be Available Online for Launch Day
The PlayStation 5 Will Only Be Available Online for Launch Day

The PlayStation 5 isn't going to be available in stores on launch day, and if you want to pick up an M.2 SSD to expand its storage, you'll have some time to figure out that purchase.

NASA Puts Its Space Rock Collection Online
NASA Puts Its Space Rock Collection Online

Getting these precious samples ready for their online debut wasn't as simple as snapping a few photos and slapping some HTML together.