iOS 14.4: Update immediately to shield against security threats

News
By published

Apple tipped off to three iOS security bugs by an anonymous researcher

Apple iOS 14 privacy labels
(Image credit: Apple)

Apple has rolled out patches for three iOS security vulnerabilities, which are said to have been exploited by hackers in the wild.

The company was alerted to the problems via an anonymous tip and bundled the necessary fixes with the recent wider iOS 14.4 update.

The three vulnerabilities are classified as zero-days, meaning they existed in the OS for a period without a patch, and opened the door to privilege escalation and remote code execution attacks.

iOS 14 security vulnerabilities

Apple generally enjoys a stellar reputation where privacy and data security are concerned, and the company had hoped to further extend its lead at the front of the pack with its latest mobile operating system, iOS 14.

Launched in September, the OS introduced a handful of privacy-centric upgrades, including data collection summaries for each App Store app and an overhaul to the way location data is handled.

However, despite the renewed emphasis on security and privacy, a number of iOS security flaws have been identified in the last handful of months alone.

In November, researchers discovered a chain of iOS bugs that could be used for targeted exploitation. Only a month later, it emerged another flaw had been exploited to launch attacks against a series of Al Jazeera journalists.

The discovery of this latest set of zero-day security vulnerabilities, then, will serve to sow further seeds of doubt over the company’s security credentials.

According to an Apple support listing, the first of the three bugs was present in the iOS kernel and created an opportunity for attackers to elevate their privileges. The second and third were described as “logic issues” found in WebKit and allowed remote attackers to “cause arbitrary code execution”.

When chained together, it is thought the vulnerabilities could have allowed hackers to compromise the OS by luring victims to a malicious domain.

Specific details remain scant, but Apple has promised additional information will be made available soon. In the interim, iOS users are advised to update their devices as soon as possible.

Via ZDNet

TOPICS
Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Latest in News
Zotac Gaming RTX 5090 Graphics Card
Nvidia Blackwell stock woes are compounded by price hikes as more RTX 5090 GPUs soar in pricing, and I’m sick and tired of it all at this point
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
The Meta Quest 3 and controllers on their charging station which is itself on a wooden desk next to a lamp
Forget Android XR, I've got my eyes on Vivo's new Meta Quest 3 competitor as it could be the most important VR headset of 2025
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
Marvel Rivals
Marvel Rivals will get two new hero skins for Moon Knight and Black Panther this week meaning I'll now need to farm even more Units
Nvidia app
Tired of manually optimizing your games? Nvidia's new G-Assist could save you time
More about security
Code Skull

This dangerous new ransomware is hitting Windows, ARM, ESXi systems
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
Windows 10

The six-step countdown to Windows 10 end of life
See more latest
Most Popular
Quordle on a smartphone held in a hand
Quordle hints and answers for Wednesday, March 26 (game #1157)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Wednesday, March 26 (game #388)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Wednesday, March 26 (game #654)
Nvidia app
Tired of manually optimizing your games? Nvidia's new G-Assist could save you time
Zotac Gaming RTX 5090 Graphics Card
Nvidia Blackwell stock woes are compounded by price hikes as more RTX 5090 GPUs soar in pricing, and I’m sick and tired of it all at this point
Demonstrators protesting against the arrest of the Mayor of Istanbul Ekrem Imamoglu block Atatürk Boulevard on March 22, 2025 in Ankara, Türkiye.
Turkey's social media ban has been lifted, but VPN usage is still high
An iPhone running iOS 18 on a purple and blue background
iOS 18.4 could launch soon with a major upgrade to your iPhone’s notifications
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
The Meta Quest 3 and controllers on their charging station which is itself on a wooden desk next to a lamp
Forget Android XR, I've got my eyes on Vivo's new Meta Quest 3 competitor as it could be the most important VR headset of 2025