We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Update Your iPhone, iPad, and iPod Touch Now to Patch a Critical Security Flaw

An iPad with sickly greens on the screen.

In a surprising admission, Apple says it’s sending out an update for iOS and iPadOS to fix vulnerabilities that hackers are actively abusing. According to Apple, the bugs allowed remote actors to “cause arbitrary code execution,” which is a serious issue. You should update your devices to iOS and iPadOS 14.4 as soon as possible.

The news comes via Apple’s support page for iOS 14.4. In it, Apple states under the Kernel and Webkit section:

Impact: A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Companies realizing potential vulnerabilities may exist, and closing those holes isn’t uncommon. But it’s a rare admission from Apple to see it didn’t catch the problem before hackers starting abusing the bug. Precisely what the bad actors have accomplished isn’t clear, but the ability to execute arbitrary code is cause for alarm.

Unfortunately, we know very little as Apple didn’t provide any details. We can’t be sure how many people were affected or what the hackers managed to accomplish. With the right chain of events, it could be very bad, but it’s just as possible that the overall effect is relatively benign. But all things considered, the former is much more likely. Especially given that it’s multiple vulnerabilities that could be used in tandem.

Apple says it will release more details later, and that’s likely to be sometime after 14.4 is widely adopted. Providing more information now could give other hackers the means to reproduce the vulnerability before everyone is protected.

If you an iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation), check for updates right now. Or, if you’re not on Wi-Fi, get the update as soon as you can. Better safe than sorry.

via TechCrunch

Josh Hendrickson Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code. Read Full Bio »