Apple addresses WebKit security flaw with iOS and iPadOS 14.4.2

Apple's 2020 iPad Air.
Enlarge / Apple’s 2020 iPad Air.

Samuel Axon

Today, Apple started rolling out iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.three.three, and the corporation issued an advisory to customers to upgrade as quickly as doable. Like iOS/iPadOS 14.four.1 prior to it, this update addresses a security flaw.

Additionally, Apple released a equivalent security update—12.five.2—for older devices like the iPhone 5S or six that can’t run iOS 14.

The release notes for iOS 14.4.2 and iPadOS 14.4.2 are minimal, basically stating:

This update delivers critical security updates and is advised for all customers.

For data on the security content material of Apple application updates, please pay a visit to the web page:

It’s that security hyperlink that includes the real information. Here’s what Apple’s security help web page says:


Available for: iPhone 6s and later, iPad Pro (all models), iPad Air two and later, iPad 5th generation and later, iPad mini four and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted net content material could lead to universal cross website scripting. Apple is conscious of a report that this problem could have been actively exploited.

Description: This problem was addressed by enhanced management of object lifetimes.

CVE-2021-1879: Clement Lecigne of Google Threat Analysis Group and Billy Leonard of Google Threat Analysis Group

The exact same goes for the watchOS update. All 4 application updates (iOS 14.4.2, iPadOs 14.4.2, iOS 12.five.two, and watchOS 7.three.three) need to currently be obtainable to all customers of supported devices appropriate now. This is the second update considering that the release of iOS/iPadOS 14.four and watchOS 7.three in late January.

The update promptly preceding this a single was also an urgent repair for a security vulnerability.

iOS 14.4 was a function update, not just a security update or bug repair a single, but the functions added have been somewhat modest. They incorporated the capacity for the camera to study smaller sized QR codes than prior to, an alternative to manually classify Bluetooth devices to assure preferred behavior, and notifications to let customers know if the camera is “unable to be verified as a new, genuine Apple camera.”

Related posts

Texas’ power grid crumples under the cold


Scientists ID potential biomarkers to peg time of death for submerged corpses


The new adaptation of The Witches is almost too much fun


Apple moving forward with plan to limit “creepy” user tracking


What to expect from the first-ever virtual CES


Hackers tied to Russia’s GRU targeted the US grid for years


Leave a Comment