Apple releases zero-day security vulnerability patch for Macs, iPhones, iPads | #ios | #apple | #iossecurity | #cybersecurity | #infosecurity | #hacker

Last updated on
Jul 31, 2021, 03:05 pm

Apple releases urgent security patch for devices running iOS, iPadOS, macOS

Last week, Apple released the iOS version 14.7 update for iPhones. However, it accidentally interrupted the “Unlock with iPhone” feature that Apple Watch users relied on to access the wearable.

To fix it, Apple recently pushed another update for iOS apart from iPadOS and macOS. These updates also patch a zero-day vulnerability, attributed to an anonymous researcher, that caused memory corruption in Apple devices.

Patch re-enables Apple Watch functionality lost with iOS 14.7

Apple’s latest patch for iOS re-enables the ability to unlock your Apple Watch if your iPhone is close by. The error was introduced by Apple’s previous update to the operating system that brought support for its newly-introduced MagSafe-compatible wireless power bank.

However, even if you don’t have an Apple Watch, you should still install Apple’s urgent update.

Security patch prevents misuse of screen framebuffer kernel component

Addressing the thirteenth zero-day security vulnerability this year, Apple’s newest update for iOS (version 14.7.1), iPadOS version 14.7, and macOS version 11.5 fixes a memory corruption issue identifiable uniquely by the code CVE-2021-30807.

The issue was caused by a kernel component responsible for managing the screen framebuffer that could be misused to execute malicious code with kernel-level privileges.

Apple credits vulnerability’s discovery to anonymous researcher

Apple noted that it was “aware of a report that this issue may have been actively exploited.” In such instances, Apple redacts additional information about the vulnerability to prevent further misuse and to maintain the integrity of the security patch.

Apple credited an anonymous researcher with the discovery of this vulnerability. However, one cannot help but note that the Pegasus malware is also rampant.

Pegasus malware link could have fueled Apple’s urgency

The Hacker News reported that the timing of this security patch indeed raises questions about possible links to the Pegasus malware that has been the center of media attention of late.

Nevertheless, we strongly advise you to install the security patch on all your Apple devices at the earliest to plug the vulnerability and regain the lost Apple Watch feature if you’re on iOS.

Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.