iOS 14.4 fixes security flaw that may have been actively exploited by malicious apps

Apple has pushed out its iOS 14.4 software update which addresses several security issues that have been reported earlier. If you’re using an iPhone or iPad, it’s highly recommended that you download this latest update.

As pointed out by 9to5Mac, the support document has mentioned a kernel vulnerability and two WebKit vulnerabilities. It mentioned that a malicious app may be able to elevate privileges and Apple is aware of a report that the issue may have been actively exploited. For the WebKit security flaw, a remote attacker might be able to cause a arbitrary code execution. The flaws have been fixed with improved locking and restrictions.

Unfortunately, the support document didn’t explicitly mention who or which app is exploiting the vulnerabilities. The three vulnerabilities were reported by anonymous security researchers.

Apart from the security fixes, iOS 14.4 also brings a number improvements. This include the ability to recognise smaller QR codes in the camera app and the option to classify paired Bluetooth devices. It also fixes other issues such as artefacts in HDR photos taken on the iPhone 12 Pro. Another new addition is a notification that will pop-up if you’re using a non-genuine camera on the iPhone 12 series.

If you haven’t download iOS 14.4 yet, you can check manually at Settings > General > Software Update. The update is 344.3MB in size.


Alexander Wong