PSA: It’s time to update your Apple apparatus again. It’s true, you did only update them only lately, but Apple was alerted to a WebKit bug that may have been manipulated in the wild.This makes the second WebKit arbitrary code execution bug in as many months.
Last week Apple finally pushed out iOS 14.5, watchOS 7.4, along with macOS 11.3. They purchased some handy new features, like enabling Face ID to operate while wearing a mask. However, it seems there was a pesky vulnerability that came along for the ride. Today, Apple released a patch for this, and you might want to download it whenever possible. Apple says that hackers might be actively exploiting it.
“Processing maliciously crafted web content may lead to arbitrary code execution,” the patch notes . “Apple is aware of a report that this issue may have been actively exploited.”
The exposure is with WebKit, the applications responsible for rendering web content on Apple devices. The security flaw can allow a malicious website to execute arbitrary code on your Mac, iPhone, or even Apple watch. Updating to iOS/iPadOS 14.5.1, watchOS 7.4.1, and macOS 11.3.1 on newer apparatus should fix the issue. For older versions of iPad and iPhone, Apple patched iOS 12.5.3 to fix the hole.
This isn’t the first time WebKit has had difficulties after an upgrade. Back in March, WebKit suffered a virtually identical random code execution bug when iOS 14.4, watchOS 7.3.1, and macOS 11.2.2 launched. As far as Apple may tellthat insect was never manipulated, so this time round, it is a little more urgent to receive your devices updated.
Image credit: Africa Studio