Apple has recently released iOS 14.5.1 and iPodos 14.5.1 for compatible iPhone and iPad models to fix two zero-day security vulnerabilities in WebKit that allow attackers to run malicious code on updated devices. Mac computers and Apple Watch models had similar security vulnerabilities that received the MacOS Pixar 11.3.1 and WatchOS 7.4.1 updates, respectively. Cupertino has released iOS 12.5.3 for its older iPhone and iPad models to fix a total of four webkit-related security issues, including two zero-day glitches.
According to the details provided via a Security post Issued by Apple, iOS 14.5.1 and iPadOS 14.5.1 include fixes for two vulnerabilities found in the WebKit browser engine, which is intended to provide web content in Safari, the App Store, Mail, and other applications. Vulnerabilities are listed as CVE-2021-30663 and CVE-2021-30665.
While CVE-2021-30663 is described as an integer overflow issue, CVE-2021-30665 is a memory corruption issue. Both vulnerabilities allowed attackers to run malicious code through well-designed web content.
Apple said it was aware of reports that both security issues could be seriously exploited. Therefore, users are recommended to download and install iOS 14.5.1 and iPadOS 14.5.1 updates on their devices.
New updates also include a bug that asks for application tracking transparency.
“This update fixes an issue with application tracking transparency, allowing apps to monitor some previously disabled settings and not being able to receive instructions from applications after re-enabling it,” the company said in a statement.
In addition to iOS 14.5.1 and iPadOS 14.5.1, Apple has released the MacOS Pixar 11.3.1 and WatchOS 7.4.1. These updates will fix the two zero-day vulnerabilities that the company has added to the new iPhone and iPad models through the iOS and iPadOS updates.
Apple has brought iOS 12.5.3 to its older iPhone, iPod and iPod Touch models IPhone 5S, IPhone 6, IPhone 6 Plus, IPod Air, IPod Mini 2, IPod Mini3, And iPod Touch (6th generation). It Corrections CVE-2021-30663 and CVE-2021-30665 vulnerabilities are listed as CVE-2021-30666 and CVE-2021-30661 with two additional zero day defects affecting the webkit.
The new security updates come a week after Apple Published Compatible devices include iOS 14.5, iPados 14.5, MacOS Pixar 11.3, WatchOS 7.4 and TVOS 14.5. The company has also stopped signing on iOS 14.4.2, meaning users will not be able to downgrade to iOS 14.5 or earlier iOS versions if they have already updated their Apple devices.
How to Download iOS 14.5.1, iPadOS 14.5.1, macOS Big Sur 11.3.1, watchOS 7.4.1
Can be downloaded with iOS 14.5.1 and iPadOS 14.5.1 Settings > General > Software updates On compatible iPhone and iPad models. For MacBook, iMac, Mac Mini and other Mac models, you can download MacOS Big Sur 11.3.1 System Options > Software update After clicking the Apple menu icon from the top left corner of your computer screen. You can also see the latest MacOS update by visiting About this Mac Setting up from the Apple menu.
Apple Watch users can download the WatchOS 7.4.1 update My watch Tab from Watch app on their iPhones. The update can be downloaded directly from the Apple Watch.