Install These Security Updates Immediately for IOS, IPadOS, and WatchOS
Apple released fixes for iPhone, iPad and Apple Watch over the weekend that all users should install immediately. The patches fix a dangerous zero-day vulnerability actively exploited by hackers.
Clement Lesin and Billy Leonard of the Google Threat Analysis team discovered a bug in the WebKit browser engine that Safari uses in all Apple products.
Apple’s patch notes provide very little detail about the bug itself, so we know little about it, other than that “handling maliciously crafted web content could lead to universal cross-site scripting” and that this is a risk for all iPhones and iPads. and Apple Watch users, even if you’re not using Safari as your mobile web browsing app.
Even worse, Apple confirms that hackers are actively exploiting the bug to attack users. There is no word on how widespread the attacks are or how they are specifically carried out, but it is serious enough for the company to release crash fixes for the following devices:
iOS 14.4.2
- iPhone 6s and newer
- iPod touch (7th generation)
iPadOS 14.4.2
- iPad Pro
- iPad Air 2 and newer
- iPad 5th generation and newer
- iPad mini 4 and newer
iOS 12.5.2
- Iphone 5s
- IPhone 6
- iPhone 6 Plus
- iPad Air
- iPad mini 2
- iPad mini 3
- iPod touch (6th generation)
watchOS 7.3.3
- Apple Watch Series 3 and newer
Because we don’t know much about the “maliciously crafted web content” that hackers use to exploit the WebKit vulnerability, the only way to keep your devices and data safe is to patch all applicable Apple products you own.
Generally, updates should download automatically, but you can check for updates on your iPhone or iPad in Settings> General> Software Update.
To update your Apple Watch, open the Watch app on your iPhone and choose My Watch> General> Software Update, or open the Settings app on your Apple Watch and choose General> Software Update .