Apple has released a new 14.4.2 update for iOS and iPadOS and it is worth iPhone and iPad users applying the software upgrade as soon as possible, due to the security risks posed by not updating. Although Apple’s ecosystem tends to be considered a safe option in general, the number of attacks and vulnerabilities have increased in recent times.
On the whole, iPhone and iPad products offer a good level of security. However, no operating system can offer complete protection all of the time. Not only has there been an escalation in the number of hackers and scammers directly targeting the iOS ecosystem, but occasionally vulnerabilities can emerge organically. In January, Apple released an iOS 14.4 update which looked to directly address a number of security flaws that had surfaced and thought to have been actively exploited.
Apple has now released a new security notice explaining another vulnerability that has come to light. Similar to the January update, Apple has once confirmed the possibility that the latest vulnerability has also been actively exploited. In the security announcement, Apple explains the iOS 14.4.2 update is now available to download on all iPhone models dating back to the iPhone 6s. Likewise, the iPadOS 14.4.2 update is available for iPad fifth generation and newer, iPad Air 2 and newer, iPad mini 4 and newer, as well as the seventh-generation iPod touch and all iPad Pro models.
The Latest iPhone & iPad Vulnerability
Apple tends not to provide specific details on many vulnerabilities and especially while they are still active and/or being investigated. However, the security notice does explain that the latest iPhone and iPad issue relates to maliciously crafted web content that could lead to universal cross-site scripting. In other words, the vulnerability could allow for websites and web applications to inject a malicious script that makes it possible for the script's creators to access additional information and data shared by the user on other websites and pages. While not a serious issue for any users that don’t visit one of the malicious sites to begin with, it still has the potential to be a problem. Users can manually initiate the update on their device by heading to Settings, followed by General and then Software Update.
Apple actually released another security update more recently than the one in January. In addition, the 14.4.1 security update applied to a greater number of users considering it not only affected iPhone and iPad devices, but also Mac and Apple Watch products as well. However, the difference here is the actively exploited aspect. It is one thing to know that a vulnerability exists, but it’s quite another when it has already been taking advantage of. Due to this, it is important for any current iPhone and iPad users to update their Apple devices as soon as possible to ensure they are protected from the latest known threat.
Source: Apple