Apple says iOS 14.4 fixes three security bugs ‘actively exploited’ by hackers – TechCrunch

Apple has released iOS 14.4 with security fixes for three vulnerabilities.

Technology veteran said Its security update page for iOS and iPadOS 14.4 That three bugs Affecting iPhones and iPads “can be actively exploited.” Details of the vulnerabilities are scarce, and an Apple spokesman declined to comment on what’s in the advisory.

It is not known who is actively exploiting the vulnerabilities, or who may be suffering. Apple did not say whether the attack was targeted against a small subgroup of users or if it was a widespread attack. The consultant stated that Apple gave benami property to the person presenting the bug.

Two bugs were found in WebKit, the browser engine that powers the Safari browser, and the kernel, the core of the operating system. Some successful exploits use a set of weaknesses of chains together rather than a single defect. It is not uncommon for attackers to first target a vulnerability in the device’s browsers as a way to gain access to the underlying operating system.

Apple said additional details would be available soon, but did not say when.

This is a rare admission by Apple, which prides itself on its security image, that its customers may be subject to active attack by hackers.

In 2019, Google Security Researcher Many malicious websites found With code that quietly hacked into victims’ iPhones. TechCrunch revealed that the attack was part of an operation, likely carried out by the Chinese government Spying of Uygar Muslims. In response, Apple disputed some of Google’s findings An equally rare public statementFor which Apple faced more criticism Underline seriousness Of attack.

Last month, Internet watchdog Citizen Lab found dozens of journalists had hacked their iPhones with previously unknown vulnerabilities To install spyware Developed by Israel-based NSO Group.

In the absence of details, iPhone and iPad users should update to iOS 14.4 as soon as possible.