There are two security risks in iPad and iPhone devices that are being used by hackers. It’s important to get the latest iOS update to protect your devices.
Some Apple updates are bug fixes or self-serving for Apple to add links to new devices or services. 14.4 is a little different because it has vital security bug fixes that are being exploited ‘in the wild’.
Join Office Watch for Apple for everyone with Microsoft Office on a Mac, iPhone or iPad. Special coverage for anyone using Office on their Apple devices. Don't miss the next issue
Go to Settings | General | Software Update to see if iOS 14.4 (iPhone) or iPadOS 14.4
The update, as usual, requires a restart of the device which takes about 10 minutes. We usually do the updating just before lunch or leave it overnight.
After any iOS update it’s a good idea to check for app updates (App Store | Account (top right) | look for updates list | Update All. There are often app revisions waiting for the latest iOS release before becoming available.
Kudos to Apple for their clear and unambiguous disclosure of the two security problems. Unlike Microsoft’s masterful obfuscation and maze of web pages, Apple is more ‘up front’.
The two possible hacks are summarised on a single page.
- A malicious application may be able to elevate privileges
- A remote attacker may be able to cause arbitrary code execution.
And confirming “…this issue may have been actively exploited.”