On January 26, Apple released a security update to resolve three zero-day vulnerabilities: CVE-2021-1780, CVE-2021-1781 Y CVE-2021-1782and advises all iOS and iPadOS users to update their operating systems.
According to available information, unknown actors could be using the three vulnerabilities as a chain of exploits, but with investigations underway, and for greater protection of users, Apple plans to delay the publication of more details.
To keep devices safe, Kaspersky experts recommend updating as soon as possible.
According to Apple’s website, the update is available for iPhone 6 and later, iPad Air 2 and later, iPad mini 4 and later, and 7th-generation iPod touch.
Although infecting an iPhone or iPad androot The device to intercept the data from it is a very difficult task, there is an effective method of infection: the so-called Drive-By-Download attack. The objective only has to visit a specific web page that contains a exploit It uses the vulnerability of the browser to execute the attackers’ code, which is dangerous because the attackers can later access valuable data in the browser. This scenario can be further developed by another exploitcapable of manipulating a vulnerability in the kernel of the operating system. This could allow attackers to break into the system and gain access to all data, including chats in social media and messaging apps, geolocation, call history, and corporate email. The scenario is extremely dangerous and OS Security Update 14.4 aims to counter it.
“Why is it so important to update as soon as possible? The possibility of falling into the aforementioned traps and scenarios is very high, as attackers tend to infect popular web platforms with a large audience for this type of attack. And the bigger it is, the greater the possibility of being affected ”, he comments Victor Chebyshev, Security Analyst at Kaspersky.
For more details, visit this link: https://latam.kaspersky.com/blog/update-ios-to-14-4-immediately/20936/