Apple iPhone users are encouraged to install the latest software update that addresses a number of vulnerabilities, including those that allow hackers to elevate their privileges within a victim’s phone or execute functions remotely.
Apple’s iOS 14.6 was released overnight and comes with several positive features but also addresses more than 40 serious security vulnerabilities.
Apple Australia would not discuss the security issues directly, however its website details ‘updates to WebKit’ among its most serious fixes.
WebKit is the engine that powers Apple’s Safari browser and has been at the centre of multiple other security issues this year.
Those issues include cross-site scripting giving attackers multiple means to attack an iPhone users, redirecting users to a phishing or malicious site, performing actions on a site on a user’s behalf or even obtaining information from a browsing session.
Apple’s website includes six fixes to WebKit in iOS14.6, including the risk a “malicious application may be able to leak sensitive user information.”
It also resolved concerns “a malicious website may be able to access restricted ports on arbitrary servers” and the risk of “processing maliciously crafted web content may lead to universal cross site scripting”.
“For the protection of our customers, Apple doesn’t disclose, discuss or confirm security issues until an investigation has occurred and patches or releases are generally available,” the website reads.
“If you need technical support for a security issue – for example, to reset your Apple ID password or to review a recent App Store charge – view the Get help with Security Issues article.
“If you believe you have discovered a security or privacy vulnerability in an Apple product, find out how to fil ..
Support the originator by clicking the read the rest link below.
