Apple Urges Immediate iPhone Update to Block Active Online Hacks
There’s a new version of Apple’s iOS software for iPhone and iPad devices, and as usual, Apple is going to start pestering users to update. This time, the nagging comes with a little more urgency. According to Apple, iOS 14.4 includes several important fixes for vulnerabilities that are being actively exploited in the wild.
There are three bugs addressed in the new update: CVE-2021-1782, which is a kernel vulnerability, along with CVE-2021-1871 and CVE-2021-1870 in the WebKit browser engine. Apple notes in the security update alert that all three issues may have been “actively exploited.” That means someone other than Apple and the anonymous researcher who reported the bugs knows about them and is using them to compromise devices. How many devices? Apple won’t say. It could be a highly targeted campaign aimed at a single company or organization, or it could be widespread enough that you should avoid coffee shop Wi-Fi.
Apple is urging everyone to update to iOS 14.4 as quickly as possible. However, it has not provided any details on the nature of the bugs. While the vulnerabilities are floating around in some circles, the internet at large doesn’t know how the exploits work. The more details Apple provides, the easier it’ll be for others to figure it out. Apple will release more details “soon,” but it might be a formality at that point.
Apple (and Google, for that matter) rolls out regular patches that fix bugs and vulnerabilities, but most of the security holes are minor, or at least undisclosed. The goal is to get everyone updated before the specifics of the flaw become public. This was the case in early 2020 when Google discovered a major iOS Wi-Fi vulnerability. It was reported privately to Apple and patched before anyone could use it against iPhone owners. Well, unless you never updated, in which case, you’re in trouble. That trouble is compounded if you don’t update now.
Unfortunately, Apple’s reputation on updates isn’t as sterling as it once was. The performance and battery changes Apple made in the name of optimizing older phones got it in hot water, leading to a $500 million “Batterygate” class action judgment in 2020. The follow-on effect is that some iPhone users have learned to be distrustful of iOS updates. That’s a problem at times like this when there are critical flaws in the OS that have become the basis for damaging hacks.
Most iPhone and iPad owners should be able to get the update for their devices. Apple says iOS 14.4 compatibility goes all the way back to the iPhone 6S, iPad Air 2, iPad Mini 4, and 7th Gen iPod Touch. If you’ve got one of these devices or something newer, iOS 14.4 should be available in your settings.
Continue reading
Third-Party Repair Shops May Be Blocked From Servicing iPhone 12 Camera
According to a recent iFixit report, Apple's hostility to the right of repair has hit new heights with the iPhone 12 and iPhone 12 Pro.
Nvidia, Google to Support Cloud Gaming on iPhone Via Web Apps
Both Nvidia and Google have announced iOS support for their respective cloud gaming platforms via progressive web applications. Apple can't block that.
Google Uncovers iPhone Exploit That Can Steal Data Over Wi-Fi
According to Ian Beer of Google's Project Zero security team, the flaw allowed him to steal photos from any iPhone just by pointing a Wi-Fi antenna at it.
Stadia Is Now Playable on iPhone Thanks to Google’s New Web App
Google promised iPhone support, but Apple's App Store policies got in the way. Now, there's finally a way to play Stadia on iOS — just fire up Safari and go to the Stadia site to use the new progressive web app.