apple releases iphone, ipad and watch security patches for zero-day bug under active attack
Apple Releases Urgent Security Updates for iPhones, iPads, and Watches
Apple has issued a software update for its iPhone, iPad, and Watch devices. This update is designed to address a security flaw that is currently being exploited by malicious actors.
Details of the Update
The security enhancements are delivered as iOS 14.4.2 and iPadOS 14.4.2. Older devices also receive protection with iOS 12.5.2. Furthermore, watchOS has been updated to version 7.3.3.
Vulnerability Discovered in WebKit
According to Apple, the security vulnerability was identified by researchers from Google’s Project Zero. It is believed that this flaw is already being actively used in attacks. The issue resides within WebKit, which is the browser engine powering Safari across all Apple platforms.
The scope of the exploitation, including the identity of the attackers and potential victims, remains unclear. Apple has not specified whether the attack is limited to a small group or is more widespread.
This marks the third instance this year where Apple has released a security-focused update to rectify vulnerabilities under active exploitation. Similar patches for WebKit flaws were deployed earlier in the month.
Users are encouraged to install the update promptly.
Further Reading
Read more on TechCrunch:
- The disconnect between Y Combinator Demo Day and due diligence
- Jeff Bezos’ investment fund is backing a startup hoping to be the AWS for SMB accounting
- A new Android spyware masquerades as a ‘system update’
- FatFace tells customers to keep its data breach ‘strictly private’
- Amazon goes on the offensive ahead of next week’s union vote counting
- This Week in Apps: App Store bills gets ghosted, Dispo drama, Facebook’s Clubhouse clone
- Facebook caught Chinese hackers using fake personas to target Uyghurs abroad
For secure communication, send tips via Signal and WhatsApp to +1 646-755-8849. Alternatively, utilize SecureDrop for file and document submissions.
Early Stage provides valuable insights for startup entrepreneurs and investors. Learn directly from successful founders and VCs about building businesses, securing funding, and portfolio management. Sessions cover fundraising, recruitment, sales, product-market fit, PR, marketing, and branding, with dedicated time for audience Q&A. Apply the code “TCARTICLE” during checkout for a 20% discount on tickets.
Zack Whittaker
Contacting Zack Whittaker
Zack Whittaker currently serves as the security editor for TechCrunch, a prominent technology news outlet.
In addition to his editorial role, he curates and distributes a weekly cybersecurity focused newsletter titled "this week in security."
Secure Communication Channels
For those seeking to reach Mr. Whittaker through encrypted messaging, he is available on Signal under the username zackwhittaker.1337.
Alternative methods of contact include email. His official TechCrunch email address is zack.whittaker@techcrunch.com.
To ensure the legitimacy of any outreach, verification can be requested through the aforementioned email address.
Important Note: Utilizing the provided email is recommended for verifying any communication claiming to be from Zack Whittaker.