iOS 14

iOS 14.8 brings serious Security Fixes

Customers should upgrade to iOS 14.7.1 ASAP

Apple has released OS 14.8 bringing two major fixes that have been implemented for issues that Apple says may have been actively exploited.

Apple has also released watchOS 7.6.2 with similar security fixes for Apple Watch Series 3 and later.

The first security issue fixed in iOS 14.8 is a vulnerability in Apple’s CoreGraphics framework, where processing a maliciously crafted PDF may allow an attacker to execute code.

The second security hole fixed in iOS 14.8 is in the Apple WebKit browser engine, where processing malicious web content could allow an adversary to execute code.

CoreGraphics

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An integer overflow was addressed with improved input validation.

CVE-2021-30860: The Citizen Lab

WebKit

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30858: an anonymous researcher

From a security perspective fixing vulnerabilities is always the priority.

As normal, Apple did not share details on the in-the-wild attacks or the profile of the targets.  The company did not release any indicators of compromise or any additional data to help defenders hunt for signs of infections.

iOS 14.8 is available as a free software update starting today for iPhone 6s and later.  If you don’t receive an automatic update notification, you can trigger the update manually by navigating to Settings > General > Software Update.

My Cart Close (×)

Your cart is empty
Browse Shop

Rapid Mobile

Rapid Mobile uses cookies, tokens, and other third party scripts to recognise visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.

 

By continuing to use our site or clicking I Accept, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalised ads and other purposes, as described more fully in our privacy policy.

 

You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.

 

Privacy Settings saved!
Cookie Services

We need your consent so that we and our trusted partners can store and access cookies, unique identifiers, personal data and information about your browsing behaviour on your device. This enables us to serve relevant content and advertising to you, and to improve the service that we provide to our readers. This only applies to rapidmobile.biz.Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site.

We track anonymized user information to improve our website.
  • _ga
  • _gid
  • _gat

Save my preferences