iOS 14.5.1, iPadOS 14.5.1 and WatchOS 7.4.1 Released

[enaph]

This update fixes an issue with App Tracking Transparency where some users who previously disabled Allow Apps to Request to Track in Settings may not receive prompts from apps after re-enabling it.
This update also provides important security updates and is recommended for all users:

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An integer overflow was addressed with improved input validation.

CVE-2021-30663: an anonymous researcher

 

[F 4 E]

Done on both my iPhone XS, and my 8 year old iPad Mini 2 !

As usual, took a while to prepare the updates, otherwise no issues.

 

[Nevi]

Thank you very much. I'm downloading to my 12 as we speak.

 

[Gandalf_The_Grey]

Apple Fixes Zero‑Day Security Bugs Under Active Attack:

Patch Fast!
Per usual, Apple’s lip is zipped. But one thing’s for sure: Patching as soon as possible is top priority. As it is, the chance for websites passing along “maliciously crafted web content” is alarming. If you translate Apple’s statement that “processing maliciously crafted web content may lead to arbitrary code execution, “you get a “drive-by, web-based zero-day RCE exploit, according to Ducklin.

In other words, all you have to do to trigger infection is to visit and view a booby-trapped website.

Apple Fixes Zero‑Days Under Active Attack

It thinks all of them may have been exploited in the wild. Three of these are zero-day flaws, while one is an expanded patch for a fourth vulnerability. Apple keeps details of security problems close to the vest, “for our customers’ protection,” saving the blood and guts until after it...

threatpost.com

 

[[correlate]]

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild
Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

www.bleepingcomputer.com

 

[JB007]

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs.

www.bleepingcomputer.com

Thanks, just downloading it