Updated News Around the World
Technology

Apple issued a serious warning to all iPhone users – read it right here

By Andrew McCollum

Apple earlier this week released iOS 14.6, a seemingly minor update without all of the bells and whistles that accompanied the iOS 14.5 release in late April. Still, the latest iOS update has numerous security fixes, which is to say that you’d be well advised to update your iPhone immediately, even if your device is already running smoothly.

All told, iOS 14.6 contains 43 security vulnerabilities, with a few of them warranting serious attention. According to an Apple support document, the update addresses a handful of security vulnerabilities that could enable a malicious actor to remotely execute code on a device.

Today’s Top Deal ? Price mistake alert ? Coupon code H7RT953B plus an accidental extra discount slash #1 smart plugs to $3.75! List Price:$24.99 Price:$14.99 You Save:$10.00 (40%) Available from Amazon, BGR may receive a commission Buy NowCoupon Code: H7RT953B Available from Amazon BGR may receive a commission

As security expert Sean Wright told Forbes, the security flaws addressed by the latest iOS update are “pretty much as bad as it gets.”

While there’s no indication that any of the security issues Apple listed were actively exploited in the wild, it only makes sense to update your device as soon as possible. As a point of interest, Apple notes that a few of the flaws were unearthed by security researchers working for Trend Micro, a multi-national cybersecurity company.

Some of the specific security and performance issues addressed by the update are listed below:

Security

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: processing a maliciously crafted certificate may lead to arbitrary code execution
  • Description: a memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.
  • CVE-2021-30737: xerub

Audio

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: processing a maliciously crafted audio file may lead to arbitrary code execution
  • Description: this issue was addressed with improved checks.
  • CVE-2021-30707: hjy79425575 (working with Trend Micro Zero Day Initiative)

ImageIO

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: processing a maliciously crafted image may lead to arbitrary code execution
  • Description: this issue was addressed with improved checks.
  • CVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security

Kernel

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: a malicious application may be able to execute arbitrary code with kernel privileges
  • Description: a logic issue was addressed with improved validation.
  • CVE-2021-30740: Linus Henze (pinauten.de)

Model I/O

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution
  • Description: a memory corruption issue was addressed with improved state management.
  • CVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro

WebKit

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: processing maliciously crafted web content may lead to universal cross-site scripting
  • Description: a logic issue was addressed with improved state management.
  • CVE-2021-30689: an anonymous researcher

Looking ahead, it stands to reason that subsequent iOS 14 updates will be few and far in between. Especially with iOS 15 set to be unveiled at WWDC in about a week, any exciting new iOS features Apple has in the works will be part of that release later this year.

Today’s Top Deal Prime Day 2021 started early for the Fire TV Stick 4K — just $29.99 with coupon code HELLOFTV! List Price:$39.99 Price:$29.99 You Save:$10.00 (25%) Available from Amazon, BGR may receive a commission Buy NowCoupon Code: HELLOFTV Available from Amazon BGR may receive a commission

A life long Mac user and Apple enthusiast, Yoni Heisler has been writing about Apple and the tech industry at large for over 6 years. His writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and most recently, TUAW. When not writing about and analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions, the most recent examples being The Walking Dead and Broad City.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsUpdate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Andrew McCollum 109721 posts 0 comments