Security News > 2022 > February > iOS users: Patch now to avoid falling prey to this WebKit vulnerability
iOS users: Patch now to avoid falling prey to this WebKit vulnerability.
iOS users may have noticed an unexpected software update on their devices yesterday, and Apple is urging everyone to install that update immediately to avoid falling prey to a use-after-free vulnerability that could allow an attacker to execute arbitrary code on a victim's device.
As Kaspersky pointed out in its announcement of the vulnerability, Apple doesn't always explain the particulars of vulnerabilities until it completes an investigation, so don't expect a lot of particulars beyond the fact that the bug exists in WebKit, and is of the UAF vulnerability class.
All of the web browsers available on iOS, from Safari to Chrome to Firefox and beyond, use WebKit.
Apple said that the iPhone 6S and later, all iPad Pro models, iPad Air 2 and later, iPad 5th gen and later iPad Mini 4 and newer, and seventh generation iPod Touch devices would all be able to download the 15.3.1 update for iOS and iPadOS. iOS and iPadOS devices should automatically inform you of the need to update, but if you're yet to see a notification, it's a good idea to open the Settings app, navigate to General, and then to Software Update.
Also See Share: iOS users: Patch now to avoid falling prey to this WebKit vulnerability Apple.
News URL
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released (source)