Apple has launched a series of security updates for Mac, the iPhone, iPad and Apple Watch, all to address the same vulnerability — and the flaw is apparently serious enough that Apple will warn you to install the updates as soon as possible.
iOS and iPadOS 14.4.1, watchOS 7.3.2 and macOS Big Sur 11.2.3 should all be available to download now. Once downloaded, you may be notified that your platform’s respective update is “important” and is “recommended for all users.” It might not be iOS 14.5, but you should still update as soon as you can.
- The best iPhones: Which should you you buy?
- Beef up security with the best iPhone VPNs
- Plus: This iPhone app exposed thousands of users' recorded calls
While the updates themselves don’t specify what the issue is, the Apple support site — and the security bulletins for each update — clarify that the patches address a memory corruption bug in WebKit. This is the open-source browser engine behind Safari, so whether you have an iPhone 12 or Apple Watch Series 6, most Apple devices are going to be vulnerable to it.
As Apple put it in the security bulletins, “processing maliciously crafted web content” — visiting a malicious site, essentially — can trigger the bug and allow attackers to run malware on your device.
The bug was discovered by security researchers from Microsoft and Google, apparently fast enough that there are no recorded incidents of the vulnerability being exploited yet. That’s in contrast to a previously discovered pair of WebKit bugs that may have been actively exploited before January’s iOS 14.4 and iPadOS 14.4 security update.
Still, if you have a potentially affected device you should probably follow Apple’s advice and install the fix once it’s downloaded. If your iOS device hasn’t downloaded 14.4.1 yet, you can check for updates by opening the Settings menu and selecting General followed by Software Update.
On macOS Big Sur, you can open the System Preferences menu and select Software Update to do the same. Mac owners still using macOS Catalina or Mojave can alternatively update Safari to the new 14.0.3 version, which also includes a fix for the WebKit memory bug.
