Security News > 2021 > October > Apple Patches Critical iOS Bugs; One Under Attack
Apple lovers who haven't yet updated to iOS 15, you may want to pop into Settings to freshen up your iPhone now: Apple has released several critical security updates that might light a fire under your britches.
On Monday and Tuesday, Apple released iOS 14.8.1, iPadOS 14.8.1, watchOS 8.1 and tvOS 15.1, patching 24 CVEs in total.
Apple's security page has all the details about the CVEs, which include multiple issues in iOS components that, if exploited, could lead to arbitrary code execution, sometimes with kernel privileges that would let an attacker get to the heart of the operating system.
Understandably, Apple keeps a lid on details that might help more attackers do damage.
Malwarebyte Labs has a nice rundown on other security-related bugs that stand out in the two dozen CVEs Apple addressed this week.
Earlier this year, Apple announced that it was giving users a choice: They could update to iOS 15 as soon as it's released, or stay on iOS 14 but still get important security updates until they're ready to upgrade.
News URL
https://threatpost.com/apple-patches-ios-bugs/175803/
Related news
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)
- Critical GitHub Attack (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Critical auth bypass bug in CrushFTP now exploited in attacks (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- iOS devices face twice the phishing attacks of Android (source)