A customer holds a new Apple Inc. iPhone 12 Pro at an Apple Inc. store in San Francisco, California, U.S., on Friday, Oct. 23, 2020. Apple is urging iPhone and iPad users to promptly update their operating systems to fix security bugs that may have already been exploited by hackers.

CNN

You should update your iPhone right now, Apple urges

By Samantha Murphy Kelly, CNN Business | Posted - Jan. 27, 2021 at 10:45 a.m.



WASHINGTON (CNN) — Apple is urging iPhone and iPad users to promptly update their operating systems to fix security bugs that may have already been exploited by hackers.

On its support webpage, the company said three security flaws "may have been actively exploited." It did not reveal too many specifics about the bugs, noting "Apple does not disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available."

The issue is a link in an exploit chain, meaning a hacker would need to exploit further bugs for it to be fully executable. The company declined to comment further on any attacks.

The company pushed out the security patches on Tuesday as part of its new iOS 14.4 software, which also includes fixes for keyboard lag and allows smaller QR codes to be read by the camera.

Apple said two security issues stem from its WebKit, an open source browser engine used by Safari and iOS browsers. "A remote attacker may be able to cause arbitrary code execution," the company said in the description notes. Meanwhile, Kernel, an Apple developer framework, was also affected.

The exploits were reported by "an anonymous researcher," according to the webpage.


A remote attacker may be able to cause arbitrary code execution.

–Apple


Apple prides itself on device security but it's not immune to exploits. Last year, Google researchers found several websites with code that allowed hackers to quietly infiltrate iPhones. Meanwhile, an iOS13 bug exposed contact details stored in iPhones without requiring a passcode or biometric identification — a flaw that the company did not publicly address until several months after it was first reported.

Have you updated your iPhone in the past 24 hours?
Yes
No
I don't have an iPhone
Created with Survey maker

The-CNN-Wire™ & © 2021 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Related Stories

Samantha Murphy Kelly Business

    SIGN UP FOR THE KSL.COM NEWSLETTER

    Catch up on the top news and features from KSL.com, sent weekly.
    By subscribing, you acknowledge and agree to KSL.com's Terms of Use and Privacy Policy.

    KSL Weather Forecast