It has only been a few days since Apple released the latest iPhone system with iOS 14.7. Now the company is stepping up – and closing more than a dozen security holes.
When it comes to operating system updates, summer is usually a quiet time at Apple. The next big updates for iPhone, Mac and Co. have already been presented at the in-house exhibition WWDC (you can find out more here), so big leaps are not expected. But now the company has released the second update for iPhone, iPad and Mac in just one week. And Apple users should install that as soon as possible.
The gap is actively used
Because the group combines the update with an unusually clear warning. “Apple is aware of reports that this problem is being actively exploited,” said an information page about the vulnerability known as “CVE-2021-30807”. Together with the description of the vulnerability, this is definitely a cause for concern: The bug that was fixed made it possible to “execute arbitrary code with kernel rights” by corrupting the working memory, ie at the highest security level of the system.
In the industry there are corresponding assumptions that it could be the loophole that allowed the hacking tool Pegasus to take over the entire system. The program developed by the Israeli NSO Group made headlines because it allowed attackers full access to all smartphone content such as chats, cameras and microphones. Apple did not comment on such inquiries, only stated that the loophole had been discovered by an anonymous tipster.
Install iOS 14.7.1: So you have to proceed
The gap is closed by downloading and installing the latest systems for iPhone (iOS 14.7.1), iPad (iPadOS 14.7.1) or macOS (Big Sur 11.5.1). The updates can be found in the settings under “General” and “Software update” (iPhone and iPad) or only “Software update” (Mac). There you can also see whether the update has already been installed automatically. If this is not the case, you should do it as soon as possible. The update is available for all iPhones and iPads that support iOS 14.
The drastic vulnerability is not the only bug that has been fixed. On the iPhone, the update to 14.7.1 ensures that the activation of an Apple Watch by unlocking the paired iPhone works again. The error only appeared with the update to iOS 14.7, Apple had promised a quick solution.
The CVE-2021-30807 vulnerability is the 13th zero-day exploit that Apple closes this year, the experts from “Security Week” said in a blog post. The term describes errors that are not publicly known and allow particularly deep intervention in the system. These types of gaps are considered particularly dangerous. If attackers succeed in exploiting them, they can act largely undisturbed in the system until they are discovered. This discovery is difficult for users: Apple’s mobile systems offer strong protection against malware, but there is no way to increase protection by third-party programs.
David William is a talented author who has made a name for himself in the world of writing. He is a professional author who writes on a wide range of topics, from general interest to opinion news. David is currently working as a writer at 24 hours worlds where he brings his unique perspective and in-depth research to his articles, making them both informative and engaging.
