National

Update your iPhone: New Apple updates fix potentially ‘exploited’ security flaws

By Dawson White

January 27, 2021 10:57 AM

FILE - In this Aug. 7, 2017 file photo, the Apple logo at a store in Hialeah, Fla. (AP Photo/Alan Diaz, File) Alan Diaz AP

Apple released an update for iOS 14 to fix security vulnerabilities that it says “may have been actively exploited” by hackers.

The tech giant posted the news to its website Tuesday, announcing that it had released an update to patch three issues on the iPhone 6 and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation).

Apple didn’t go into much detail, explaining that “for our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available.”

The issues are related to Apple’s WebKit — which CNN reports is an open-source browser that powers Safari and other iOS browsers — and Kernel, which TechCrunch called “the core of the operating system.”

Through the WebKit flaw, Apple said hackers “may be able to cause arbitrary code execution.” Through the Kernel vulnerability, Apple says “malicious application may be able to elevate privileges.”

To quote Jack Morse at Mashable, both are “not good.”

Apple said the issues were discovered by anonymous researchers and that more details would be available soon.

Downloading the new iOS 14.4 software for iPhones and iPads will patch these security vulnerabilities and also fix keyboard lag while equipping cameras to read smaller QR codes, CNN reported.

Back in November, Apple released iOS 14.2, which fixed 24 vulnerabilities on iPhones and iPads, Threat Post reported. The most recent flaws weren’t known at the time of that release, according to the outlet.

It’s not uncommon for hackers to gain access to devices through security updates.

According to Mashable, one Chinese hacking team’s whole technique was to wait for a company to announce a vulnerability then hack those who didn’t immediately update.

So don’t let that be you: Update your iPhone or iPad.

This story was originally published January 27, 2021 at 10:57 AM with the headline "Update your iPhone: New Apple updates fix potentially ‘exploited’ security flaws."

Dawson White

The Kansas City Star

816-234-4233

Dawson covers goings-on across the central region, from breaking to bizarre. She has an MSt from the University of Cambridge and lives in Kansas City.

Related Stories from Raleigh News & Observer

Spicy chicken nuggets return to McDonald’s — for a limited time. Here’s what to know

New Chick-fil-A chicken sandwich just arrived at restaurants. Here’s what to know

Get unlimited digital access

#ReadLocal