If you have an Apple device like an iPhone or an iPad, then you should make sure that you’ve updated your software to iOS 14.4.2 as soon as possible. The update includes a patch for a vulnerability that is currently being exploited by hackers.
As reported by TechCrunch, the update is to protect against a zero-day vulnerability discovered by security researchers working at Google’s Project Zero.
As detailed on the Apple website, the update which was released on Friday, March 26, includes a fix for an issue in WebKit. WebKit is the engine used by Apple’s browser Safari. However, the vulnerability doesn’t only apply to those who use Safari as their browser. Even if you use another browser, your device is still vulnerable until this issue is patched.
Apple describes the issue on its website as follows: “Processing maliciously crafted web content may lead to universal cross-site scripting. Apple is aware of a report that this issue may have been actively exploited.”
The phrase “actively exploited” means that hackers could be currently using this vulnerability in some way right now, although Apple doesn’t give any details about how widespread the attacks may be, who is responsible for them, or how serious they are.
In any case, it’s a good idea to make sure you haven’t skipped updating your Apple devices and that you have updated to iOS 14.4.2 or iPadOS 14.4.2.
For those using older Apple devices, there is an equivalent update for iOS which is iOS 12.5.2. There is also an update for Apple Watch, with watchOS 7.3.3.
Most Apple devices should update automatically unless you have disabled automatic updates. As annoying as updates can be, it’s worth keeping automatic updates enabled to make sure you’re kept safe from this kind of issue.