Apple says iOS 14.5.1 and macOS 11.3.1 patch WebKit flaws that may have been actively exploited

For older iPhone and iPads, 2 additional security concerns were repaired with iOS 12.5.3. Apple patched the buffer overflow/improved memory handling and also upgraded the “use after totally free issue.”.

WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later on, iPad mini 4 and later on, and iPod touch (7th generation).
Effect: Processing maliciously crafted web material may cause approximate code execution. Apple understands a report that this problem might have been actively exploited.
Description: A memory corruption concern was addressed with better state management.
CVE-2021-30665: yangkang (@dnpushme)&& zerokeeper & bianliang of 360 ATA.
WebKit. Offered for: iPhone sixes and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later on, iPad mini 4 and later on, and iPod touch (7th generation).
Impact: Processing maliciously crafted web material may lead to approximate code execution. Apple understands a report that this issue may have been actively made use of.
Description: An integer overflow was resolved with enhanced input recognition.
CVE-2021-30663: an anonymous scientist.

WebKit.
Offered for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
Impact: Processing maliciously crafted web content might result in approximate code execution. Apple understands a report that this issue might have been actively made use of.
Description: A buffer overflow problem was addressed with improved memory handling.
CVE-2021-30666: yangkang (@dnpushme)&& zerokeeper & bianliang of 360 ATA.
WebKit Storage. Offered for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
Effect: Processing maliciously crafted web content may result in approximate code execution. Apple understands a report that this problem might have been actively made use of.
Description: An usage after totally free concern was resolved with improved memory management.
CVE-2021-30661: yangkang (@dnpushme)&& zerokeeper & bianliang of 360 ATA.

Apple launched iOS 14.5.1 and iOS 12.5.3, macOS 11.3.1, and watchOS 7.4.1 today with the main changes being security repairs (App Tracking Transparency bug fix for iOS too). So make sure to update to the current software application to the latest defense.
In support documents, Apple detailed the web flaws that were fixed. The very first flaw suggested that “Processing maliciously crafted web material may cause approximate code execution.” Memory corruption was at play here and Apple states it repaired the issue with “enhanced state management.”
A second flaw also dealt with the exact same capacity for malicious web material possibly performing arbitrary code and Apple states it likewise might have been exploited in the wild. On this one, Apple solved the issue with an integer overflow and “enhanced input recognition.”

Apple launched updates for iPhone, iPad, Mac, and Apple Watch today with multiple security updates. The defects involved destructive web material that could cause approximate code execution– and Apple states they may have been actively made use of.

FTC: We use earnings earning car affiliate links. More.
Have a look at 9to5Mac on YouTube for more Apple news:.

Leave a Reply

Your email address will not be published. Required fields are marked *