While we’re still anxiously waiting iOS 14.5 to land, Apple hasn’t stopped working on smaller updates to the iPhone and iPad.
On Monday, Apple pushed iOS 14.4.1 to all compatible devices, bringing with it important security updates. The release notes are very technical, but it appears to target a specific vulnerability that poses a risk to the Webkit rendering engine used by Safari (and third party browsers). Here are the security release notes:
- Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved validation.
- CVE-2021-1844: Clément Lecigne of Google’s Threat Analysis Group, Alison Huffman of Microsoft Browser Vulnerability Research
“Arbitrary code execution” is just about the three worst words in web security, so you should probably grab this update soon.
You can update your iPhone or iPad by heading to the Settings app, tapping the General tab and then Software Update. The update is 143.3MB.
Apple Watch users can also update their watches to watchOS 7.3.2 that includes the same Webkit fix.
Michael Simon has been covering Apple since the iPod was the iWalk. His obsession with technology goes back to his first PC—the IBM Thinkpad with the lift-up keyboard for swapping out the drive. He's still waiting for that to come back in style tbh.