Security News > 2021 > October > Apple Patches Critical iOS Bugs; One Under Attack
Apple lovers who haven't yet updated to iOS 15, you may want to pop into Settings to freshen up your iPhone now: Apple has released several critical security updates that might light a fire under your britches.
On Monday and Tuesday, Apple released iOS 14.8.1, iPadOS 14.8.1, watchOS 8.1 and tvOS 15.1, patching 24 CVEs in total.
Apple's security page has all the details about the CVEs, which include multiple issues in iOS components that, if exploited, could lead to arbitrary code execution, sometimes with kernel privileges that would let an attacker get to the heart of the operating system.
Understandably, Apple keeps a lid on details that might help more attackers do damage.
Malwarebyte Labs has a nice rundown on other security-related bugs that stand out in the two dozen CVEs Apple addressed this week.
Earlier this year, Apple announced that it was giving users a choice: They could update to iOS 15 as soon as it's released, or stay on iOS 14 but still get important security updates until they're ready to upgrade.
News URL
https://threatpost.com/apple-patches-ios-bugs/175803/
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- FortiManager critical vulnerability under active attack (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)