If you own an iPad, iPhone, or a Mac, you should definitely go update your device right now. Why? Because there are brand new patches out and you don’t want to get hacked.
Earlier today, Apple unexpectedly released iOS 14.7.1 and iPadOS 14.7.1, the latest updates for the company’s phones and tablets. The company also released macOS Big Sur 11.5.1, a patch that solves a minor bug after the release of macOS Big Sur 11.5 last week.
Most critically, the recent updates fix a zero-day vulnerability that Apple says has been seeing exploitation by hackers “in the wild,” i.e., out in the world. That vulnerability, CVE-2021-30807, could allow a hacker to execute arbitrary code with kernel privileges, essentially allowing them to hijack your device on a very elemental level.
Here’s the whole rundown from Apple:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30807: an anonymous researcher
The Record notes that while it’s not exactly clear who is doing the hacking, there are some notable suspects:
While there is a pretty solid chance that this “zero-day” might be an new exploit used by the iOS jailbreaking community to root iPhones, it is also unclear if today’s zero-day is in any way related to NSO Group, an Israeli company that sells iPhone hacking tools to governments around the world, and who was recently at the centre of a large number of investigative reports that have exposed some of its past hacking.
While it’s hard to say who exactly is going after your device, you obviously don’t want them to be successful. Thus, go, update, and be secure.