If you own an iPhone or iPad, drop what you’re doing and upgrade to iOS 14.4 and iPadOS 14.4 right now. The reason? Apple patched three security vulnerabilities in the operating systems that the company believes hackers were actively exploiting.
Apple released the iOS 14.4 and iPadOS 14.4 updates for its iPhones and iPads, respectively, yesterday. Both updates brought with them the usual stability and bug fixes and added a few new minor features, such as the ability for the iPhone to register haptic feedback when transferring a song between it and a HomePod mini speaker.
However, in a support document published with the updates, Apple acknowledged that three vulnerabilities were patched in the new software as well. Patching security vulnerabilities is nothing outside of the ordinary for any operating system. Everyone from Apple to Google to Microsoft is engaged in an eternal game of cat and mouse with hackers constantly looking for or creating new attack vectors into operating systems.
However, most exploits, thankfully, are found and patched before they are used in the real world. Apple believes this is not the case with the three exploits iOS 14.4 and iPadOS 14.4 patched yesterday. One exploit allowed for a malicious app to elevate privileges via the operating system’s kernel and two more exploits involved Apple’s WebKit, which could let a remote attacker execute arbitrary code. Apple says all those vulnerabilities “may have been actively exploited.”
Your iPhone and iPad are still vulnerable to these exploits until you update to iOS 14.4 and iPadOS 14.4—so do so right now. To update the software on your iPhone and iPad:
- Open the Setting app.
- Tap General.
- Tap Software Update.
- Tap Download and Install.
Once you’ve done this, and your iPhone and iPad are running iOS 14.4 and iPadOS 14.4, your devices will be protected from the identified exploits.