iOS 14.5.1, iPadOS 14.5.1 and WatchOS 7.4.1 Released

enaph · May 3, 2021

This update fixes an issue with App Tracking Transparency where some users who previously disabled Allow Apps to Request to Track in Settings may not receive prompts from apps after re-enabling it.
This update also provides important security updates and is recommended for all users:

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An integer overflow was addressed with improved input validation.

CVE-2021-30663: an anonymous researcher

F 4 E · May 4, 2021

Done on both my iPhone XS, and my 8 year old iPad Mini 2 !

As usual, took a while to prepare the updates, otherwise no issues.

Nevi · May 4, 2021

Thank you very much. I'm downloading to my 12 as we speak.

Gandalf_The_Grey · May 4, 2021

Apple Fixes Zero‑Day Security Bugs Under Active Attack:

Patch Fast!
Per usual, Apple’s lip is zipped. But one thing’s for sure: Patching as soon as possible is top priority. As it is, the chance for websites passing along “maliciously crafted web content” is alarming. If you translate Apple’s statement that “processing maliciously crafted web content may lead to arbitrary code execution, “you get a “drive-by, web-based zero-day RCE exploit, according to Ducklin.

In other words, all you have to do to trigger infection is to visit and view a booby-trapped website.

Apple Fixes Zero‑Days Under Active Attack

It thinks all of them may have been exploited in the wild. Three of these are zero-day flaws, while one is an expanded patch for a fourth vulnerability. Apple keeps details of security problems close to the vest, “for our customers’ protection,” saving the blood and guts until after it...

threatpost.com

[correlate] · Jul 26, 2021

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild
Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

www.bleepingcomputer.com

JB007 · Jul 26, 2021

Correlate said:
Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

www.bleepingcomputer.com

Thanks, just downloading it

Search

iOS 14.5.1, iPadOS 14.5.1 and WatchOS 7.4.1 Released

enaph

Level 28

F 4 E

Level 3

Nevi

Level 11

Gandalf_The_Grey

Level 76

Apple Fixes Zero‑Days Under Active Attack

[correlate]

Level 18

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

JB007

Level 26

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Similar threads