Just before Apple’s iPhone 13 reveal event, the tech giant released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, and macOS Big Sur 11.6 to address a couple of major security issues plaguing several of its devices.
The four updates do not add new features to the operating systems of their respective devices, but do include important security fixes. The first solution is related to the CoreGraphics framework of iOS, iPadOS and macOS and the other is related to the functionality of Apple’s WebKit browser.
Apple says it became aware of the vulnerabilities these frameworks exploit to execute malicious code. For example, regarding the CoreGraphics exploit, Apple mentions that a “maliciously crafted PDF” could lead to “arbitrary code execution.”
According to The Washington Post, one of the defects was discovered by the Citizen Lab of the University of Toronto and is linked directly to Pegasus spyware. Together with Apple, Citizen Lab advises Apple users to update their devices as soon as possible.
Visit the Citizen Lab website to very detailed breakdown of exploits.
Source: Apple, The Washington Post