New Apple update fixes active security flaw – Update your iPhone now

Apple has released minor updates for its iOS, iPadOS, and watchOS operating systems running on the company’s smartphones, tablets, and smartwatches.

iOS and iPadOS versions 14.4.2, and watchOS version 7.3.3 fix a security vulnerability within the WebKit browser engine used in Safari and other Apple web browsers.

The bug – which was discovered by Clement Lecigne and Billy Leonard of Google Threat Analysis Group – has reportedly been actively exploited.

According to Apple’s support page, it could result in a user’s device processing maliciously crafted web content which may lead to universal cross site scripting.

This would allow a malicious actor to gather information from other webpages which a user has open on their device.

Apple said the updates addressed the issue by improving management of object lifetimes.

The company has recommended that all iPhone, iPad, and Apple watch users install these updates.

The updates are available for iPhone 6s and later, iPad 5th generation and later, all iPad Pro models, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation).

For older devices Apple has also released iOS and iPadOS versions 12.5.2, which fix the same issue.

This will be for users of the iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation.

To update to the latest available iOS or iPadOS version, users can navigate to Settings, select the General section and hit “Software Update”.

Multiple security updates

This is the third security fix Apple has rolled out for its operating systems in the last two months.

Towards the end of January, it launched iOS 14.4 and iPadOS 14.4, which fixed two other security bugs.

This included a vulnerability in the Kernel code which could allow a malicious application to elevate privileges on a user’s device.

In addition, an issue had also been identified in the Safari browser’s WebKit that could let a remote attacker cause arbitrary code execution.

In early March, it rolled out another security patch for the WebKit engine in iOS, iPadOS, and MacOS.

Apple is currently beta testing its next major update – iOS 14.5 – which is set for official release in South Africa’s autumn.

Now read: Apple fined R29.8 million for selling iPhones without chargers