Apple just released iOS 14.4 and iPadOS 14.4, and the update notes contain some worrying language (via TechCrunch). Under kernel updates, Apple notes that “a malicious application may be able to elevate privileges,” and under WebKit updates, it says “a remote attacker may be able to cause arbitrary code execution.” After both statements, the update notes say, “Apple is aware of a report that this issue may have been actively exploited.”
What this means, broadly, is that you should update your iOS devices as soon as possible. To put the language into plain terms: Apple found a security hole in its operating systems, and it also has evidence that someone may have exploited it. The update notes don’t have any further details, so for now, we don’t know who may have used the security breach or what they may have been using it for.
It’s not time for cyber-lockdown, but it is time to update
However it was used, the security breaches aren’t minor ones. An application being able to elevate privileges means that it could do things it’s not supposed to be able to do. Again, there aren’t any details, but broadly speaking, it means a malicious app could’ve bypassed some of Apple’s security protections.
The WebKit exploit isn’t better. A remote attacker being able to cause arbitrary code execution means an attacker could do things on your phone just from you visiting a website they control.
This isn’t to say it’s time to go into total cyber-lockdown mode, but it does mean that 14.4 isn’t an update you want to put off for a while. In the meantime, Apple says it’ll provide additional details soon, so we’ll keep an eye out for more information about the exploits.