Apple has released a new update to iOS 14 and iPadOS 14, and users should prioritize downloading whichever one applies to them as soon as possible. The update, software version 14.4.1, nullifies a bug affecting Apple's Safari web browser.
Apple provides a bit of additional information about the vulnerability on its Apple security updates webpage. Specifically, Apple says that it is a flaw that allows attackers to, potentially, utilize "maliciously crafted web content" in order to carry out "arbitrary code execution."
Apple notes that the update also improves a "memory corruption issue … with improved validation."
Correcting a Security Vulnerability
It does not reveal whether this Safari vulnerability has been put into action, and exploited by attackers in the wild. It may simply be that Apple---or one of the cybersecurity experts who routinely monitor software releases---discovered the flaw, and alerted Apple prior to it being exploited by a hacker.
Apple offers a so-called bug bounty for exactly this reason, offering rewards that can exceed $1 million to security researchers who discover these bugs, and alert Apple to their presence. While that might seem (and it is!) a hefty reward for pointing out security flaws, the potential danger of having these flaws in a public-facing product is enough that Apple deems it a worthwhile use of its money.
Apple's release notes for the 14.4.1 version state, in no uncertain terms, that, "This update provides important security updates, and is recommended for all users."
There are no big feature changes of note in the software update. But if it stops users being potentially targeted by hackers seeking to do remote code execution, it's certainly a worthwhile update.
To install it, go to your Settings app > General > Software Update.?You can then?tap?Download and Install?in order to update.
iOS 14.5 Is Coming Soon
The more notable iOS and iPadOS update is iOS 14.5, which is coming soon. Updates with that version will include a new anti-zero-click attack security measure, the ability to control the default music player, to unlock your iPhone while wearing a mask, more than 200 new emoji, app tracking transparency, and more.
Apple has not yet revealed exactly when iOS and iPadOS 14.5 will ship. However, given that it released software version 14.4.1 seemingly to correct a single security bug, it's worth taking Apple's hint, and making sure that you download it. While it will only take you a few minutes, the potential ramifications of not doing so could negatively impact you for a lot longer.
Adoption numbers for Apple's latest iPhone and iPad firmware is pretty darn impressive.