A set of updates were sent by Apple to their various machines out in the wild over the past week that you should be aware of. For the iPhone, we’re talking about iOS 14.7.1 and the security content therein. If you’ve already updated your iPhone to iOS 14.7.1 and do not own any other Apple products, you’re good! You can rest easy in the knowledge that you will not have your device’s previously vulnerable bits exploited.
On July 26, 2021, Apple released iOS 14.7.1 and iPadOS 14.7.1. Both of these bits of software fixed a variety of issues, one of which we’re taking a closer look at today. Per the Apple announcement about the security issue, iOS 14.7.1 and iPadOS 14.7.1 fix “a memory corruption issue” by delivering “improved memory handling.”
If you’re using an iPad, you’ll need to update to iOS 14.7.1, just as much as an iPhone user needs to update to the iOS software with the same version number. As is true with iOS, so too was iPadOS vulnerable to the issue.
Per Apple, “an application may be able to execute arbitrary code with kernel privileges.” The company posted this announcement with code CVE-2021-30807, giving credit to “an anonymous researcher” in the process. Apple added that they are “aware of a report that this issue may have been actively exploited.”
This update delivers a fix with “IOMobileFrameBuffer” in the mix for iPhone 6s and later, iPod touch (7th gen), iPad mini 4 and later, iPad 5th gen and later, iPad Air 2 and later, and all models of iPad Pro.
If you have an Apple desktop computer running MacOS, you should also make certain you have the most updated version of your operating system. Apple released a very similar statement to the one for mobile devices, this time aimed at macOS Big Sur 11.5.1. This very similar issue was address “with improved memory handling.”