Apple has just issued iOS 14.7.1—an urgent update that comes with an “important” security fix for an issue that is already being used by adversaries to attack iPhones.
For this reason, the iPhone maker says the iOS 14.7.1 update is urgent, and it is “recommended for all users.”
The issue patched in iOS 14.7.1 is a vulnerability in IOMobileFrameBuffer, a kernel extension for managing the screen framebuffer, that could allow an application to execute arbitrary code with kernel privileges. Apple says it is “aware of a report that this issue may have been actively exploited.”
It’s only been a week since Apple released iOS 14.7, which itself included critical security fixes, but did not address a vulnerability in iMessage that adversaries could have been taking advantage of to attack iPhones with the Pegasus spyware.
But Apple does not seem to have fixed the iMessage vulnerability in iOS 14.7.1, which Sean Wright, Immersive Labs’ SME application security lead, says is “surprising.”
Even so, he says it’s “good to see the vulnerability in iOS 14.7.1 being fixed, especially since it looks like it has been actively exploited.”
iOS 14.7.1—an urgent update for all iPhone users
Although Apple does provide a few details on security fixes, it does not include all of them until as many people as possible have updated their iPhones. But assume the iOS 14.7.1 security update is urgent, especially if you are a corporate Apple user or if you could be a target for attackers.
Yet Wright also points out that the issue fixed in iOS 14.7.1 might be quite hard for attackers to exploit, because it relies on you installing a malicious application. With this in mind, he also advises: “Only install apps from the official App Store and make sure you look at requested permissions—noticing if, for example, a flash light app is requesting access to your contacts—and reading user feedback/reviews.”
Apple’s iOS 14.7.1 is the latest in multiple iPhone updates taking place this year, with Apple seemingly scrambling to patch all the holes appearing in its iOS operating system. There could be many reasons for this: Attackers are targeting iPhones more, ethical hackers are finding holes more efficiently, or Apple has more issues with its OS than previously.
The latest upgrade also fixes a bug which meant iPhone models with Touch ID could not unlock a paired Apple Watch using the Unlock with iPhone feature.
The already exploited security vulnerabilities fixed in iOS 14.7.1 make this an important upgrade for your device. Wright says there is no need to panic, but “I would highly recommend people update as soon as they can, given there is reason to believe that this is being actively exploited.”
You know what to do: Don’t wait, update to iOS 14.7.1 now to keep your iPhone safe.
source : https://www.forbes.com/sites/kateoflahertyuk/2021/07/26/ios-1471-apple-issues-urgent-iphone-update-with-important-security-fixes/?sh=69a14a111df1
while I love the iphones and ipads devices, I cannot wait for the Google Pixel 6 and 6 pro devices I heard that Google is going all out and making them an ultra-premium device and they even made a custom chipset to go with. and the new information we are getting is that the camera is the best we have ever seen when compared to other top deceives.
Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your webpage? My blog is in the very same niche as yours and my users would certainly benefit from some of the information you present here. Please let me know if this ok with you. Thanks a lot!
Hi Yen, would be a pleasure providing you information like this. Feel free to use this as your content and might as well tag us and repost us on your post.