Skip to main content

Latest Apple Update Fixes Web Security Flaw On Most Devices

By March 19, 2021May 11th, 2022Cybersecurity

Recently, two different security researchers (Clement Lecigne of Google’s Threat Analysis Group, and Alison Huffman from Microsoft’s Browser Vulnerability Research Group) discovered a pair of serious security vulnerability impacting Apple devices.

The bugs, tracked as CVE-2021-1844 and CVE-2021-21166 respectively, are browser-based memory issues that could have allowed remote code execution if the victim navigated or was directed to a website embedded with malicious code.

Apple moved quickly and issued a patch for the first, and the second was actually an issue in Google Chrome for Apple users, patched with the release of Chrome 89. Apple’s iOS updates are available for the iPhone 6 and later, the iPad Air 2 and later, the iPad mini 4 and later, and the iPod touch (7th Generation). The Apple releases you want are: macOS Big Sur 11.2.3, iOS 14.4.1, and iPad OS 14.4.1, depending on the type of device you have.

iOS 14.4.1 is the version containing the bugfix, and although there’s no evidence of either bug being used in the wild, it’s just a matter of time before that happens. So if you haven’t already updated to that version of iOS, you’ll want to make doing so a priority. Note too that the update is 138MB and is quite significant. It contains a number of small enhancements, in addition to the bug fix itself.

Kudos to Apple, Google, and Microsoft for their keen eyes and rapid responses in this case. These issues, and their accompanying security patches certainly won’t be the last such issues we see this year. In this case though, the responses of all three companies were exemplary and should serve as an example to everyone.

In any case, if you have already updated as described above, there’s nothing else for you to do. If you haven’t yet, do so at your next opportunity, and you’ll have one less thing to worry about.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.