Stuart

Apple Issues Another Webkit Fix: iOS 14.4.2

Apple issued an emergency fix earlier this month for WebKit with iOS 14.4.1, Big Sur 11.2.3, and Watch OS 7.3.2. Now it has issued a second emergency patch for another WebKit vulnerability, which is the engine that underlies much website and HTML processing, most notably for Safari. This vulnerability, discovered by Google, addresses an issue where,

Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited.

Description: This issue was addressed by improved management of object lifetimes.

Apple

To resolve this, you’ll need to update your iOS device to iOS 14.4.2 or older iOS devices to iOS 12.5.2 and your Apple Watches to WatchOS 7.3.3.

Interestingly, as of the time of this writing there are not patches for Mac OS or Safari for Mac OS. It’s possible that the patches are still coming, or that Mac OS is not currently affected by this bug. This article will be updated should a patch be released.

You can see all the security patches on Apple’s security release page: https://support.apple.com/en-us/HT201222

Feel free to comment.

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.