Home » today » Technology » Apple releases iOS 14.8 to the public to bolster iPhone security

Apple releases iOS 14.8 to the public to bolster iPhone security

by

Possibly we will be a few hours away from the release of iOS 15, iPadOS 15, watchOS 8, tvOS 15 and macOS 12 Monterey. However, Apple is today releasing a major update, which fixes security issues, for the current official release. So, update your Apple devices to iOS 14.8, watchOS 7.6.2, iPadOS 14.8, and macOS Big Sur 11.6 now.

The Cupertino company says the updates address security vulnerabilities that “may have been actively exploited”.

Apple releases update to reinforce the inviolability of its devices


According to the document published by Apple, iOS 14.8 and iPadOS 14.8 both address CoreGraphics and WebKit vulnerabilities that may have been actively exploited.  The CoreGraphics vulnerability was reported by The Citizen Lab, which discovered an iPhone zero-click attack which defeated Apple's Blastdoor protections in August.


The vulnerability reported by The Citizen Lab is believed to have been used to target Bahraini activists whose iPhones were successfully hacked with the spyware Pegasus do NSO Group.


According to Apple iOS 14.8 and iPadOS 14.8 bring fixes for:




CoreGraphics


Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)


Impact: Processing a maliciously crafted PDF can lead to arbitrary code execution.  Apple is aware of a report that this issue may have been actively explored.


Description: An integer overflow has been addressed with better input validation.


CVE-2021-30860: The Citizen Lab


WebKit


Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)


Impact: Processing maliciously crafted content on the web can lead to arbitrary code execution.  Apple is aware of a report that this issue may have been actively explored.


Description: A use after free issue has been addressed with better memory management.


CVE-2021-30858: an anonymous investigator




For full details about the updates made available today, you can follow these links:


						-






Related posts:
The Quantic Lab test studio is still responsible for Cyberpunk 2077's poor state at the time of rele...
Voyager 1 Spacecraft Sends Mysterious Data, Confuses Scientists
Just after testing in the US and Canada, Fb will shut down its Nextdoor clone up coming thirty day p...
Kia unveils rejuvenated Ceed, premiere tomorrow

Gas and electricity prices are skyrocketing: why and what can we do about it?

Robert ten Brink: ‘François is the real Mister Lingo’ | Stars

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.