Apple Fixes Critical Vulnerabilities in iOS, macOS Big Sur and Safari

 Apple has released security updates for a critical vulnerability in iOS, macOS Big Sur, and Safari that could allow an attacker to remotely execute code on systems. Just visiting a malicious or compromised website is enough to carry out the attack.

The vulnerability, designated CVE-2021-1844, resides in WebKit, the Apple-developed browser engine that Safari uses. The vulnerability was found by Clément Lecigne of Google's Threat Analysis Group and Alison Huffman of Microsoft Browser Vulnerability Research.

Lecigne has in the past discovered multiple zero-day leaks in Internet Explorer and Google Chrome, among others, that were actively attacked before security updates were available. However, Apple does not report that the now fixed vulnerability has been used in attacks against users.

MacOS Big Sur 11.2.3 has been made available for macOS Big Sur users . MacOS Catalina and macOS Mojave users can update to Safari 14.0.3, and for iPhone or iPad owners, iOS 14.4.1 and iPadOS 14.4.1 have been released.

Previous Post Next Post