iPhone users, Apple gives you 20-plus ‘security reasons’ to update your OS – morningtidings

iPhone users, Apple gives you 20-plus 'security reasons' to update your OS - Times of India

Earlier this week, Apple rolled out a software update — iOS 14.7 — for iPhone users, however, it did not reveal all the fixes that are going to be part of this update. Now, after a gap of two days, the company has rolled out the iPadOS 14.7 update and now the revealed the detailed security updates that are coming for both iPhone and iPad users.
Apple’s documentation confirms that the iOS 14.7 and iPadOS 14.7 updates come with fixes for a range of bugs. Here is the complete list of vulnerabilities Apple is fixing with the iOS 14.7 and iPadOS 14.7:

  • A shortcut may be able to bypass Internet permission requirements
  • A local attacker may be able to cause unexpected application termination or arbitrary code execution
  • An application may be able to execute arbitrary code with kernel privileges
  • Processing a maliciously crafted audio file may lead to arbitrary code execution
  • Playing a malicious audio file may lead to an unexpected application termination
  • Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
  • Processing a maliciously crafted font file may lead to arbitrary code execution
  • A malicious application may be able to gain root privileges
  • A sandboxed process may be able to circumvent sandbox restrictions
  • A malicious application may be able to access Find My data
  • Processing a maliciously crafted font file may lead to arbitrary code execution
  • A malicious application may be able to bypass code signing checks
  • Processing maliciously crafted web content may lead to arbitrary code execution
  • Processing a maliciously crafted image may lead to arbitrary code execution
  • A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication
  • An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
  • A remote attacker may be able to cause arbitrary code execution
  • Processing a maliciously crafted image may lead to a denial of service
  • A malicious application may be able to bypass certain Privacy preferences
  • Processing maliciously crafted web content may lead to arbitrary code execution
  • Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution

iOS 14.7 and iPadOS 14.7 features
Besides these bug fixes, the latest software update for iPhone and iPad users comes with new functionalities too. For those who have Apple’s HomePod, iOS 14.7 comes with an option to manage timers. This can be done on the Home app on the iPhone. Also, it comes with support for MagSafe Battery pack. The Podcasts app has been redesigned with new look and released subscriptions as well. With iOS 14.7, the Podcasts library in the app allows users to choose to see only the ones they follow or all shows.

timesofindia.indiatimes.com

Be the first to comment

Leave a Reply

Your email address will not be published.


*