Monday, 27 September 2021 09:18 GMT

Apple releases zero-day security vulnerability patch for Macs, iPhones, iPads


(MENAFN- NewsBytes) Last week, Apple released the iOS version 14.7 update for iPhones. However, it accidentally interrupted the "Unlock with iPhone" feature that Apple Watch users relied on to access the wearable. To fix it, Apple recently pushed another update for iOS apart from iPadOS and macOS. These updates also patch a zero-day vulnerability, attributed to an anonymous researcher, that caused memory corruption in Apple devices.

In this article
  • Patch re-enables Apple Watch functionality lost with iOS 14.7
  • Security patch prevents misuse of screen framebuffer kernel component
  • Apple credits vulnerability's discovery to anonymous researcher
  • Pegasus malware link could have fueled Apple's urgency
Revived Patch re-enables Apple Watch functionality lost with iOS 14.7

Apple's latest patch for iOS re-enables the ability to unlock your Apple Watch if your iPhone is close by. The error was introduced by Apple's previous update to the operating system that brought support for its newly-introduced MagSafe-compatible wireless power bank . However, even if you don't have an Apple Watch, you should still install Apple's urgent update.

Details Security patch prevents misuse of screen framebuffer kernel component

Addressing the thirteenth zero-day security vulnerability this year, Apple's newest update for iOS (version 14.7.1), iPadOS version 14.7, and macOS version 11.5 fixes a memory corruption issue identifiable uniquely by the code CVE-2021-30807 . The issue was caused by a kernel component responsible for managing the screen framebuffer that could be misused to execute malicious code with kernel-level privileges.

Eerie timing Apple credits vulnerability's discovery to anonymous researcher

Apple noted that it was "aware of a report that this issue may have been actively exploited." In such instances, Apple redacts additional information about the vulnerability to prevent further misuse and to maintain the integrity of the security patch. Apple credited an anonymous researcher with the discovery of this vulnerability. However, one cannot help but note that the Pegasus malware is also rampant.

Speculation Pegasus malware link could have fueled Apple's urgency

The Hacker News reported that the timing of this security patch indeed raises questions about possible links to the Pegasus malware that has been the center of media attention of late. Nevertheless, we strongly advise you to install the security patch on all your Apple devices at the earliest to plug the vulnerability and regain the lost Apple Watch feature if you're on iOS.

MENAFN31072021000165011035ID1102547455


Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.