Apple releases critical iOS 14.5.1, macOS 11.3.1 security updates
Apple on Monday released updates for iOS 14.5, iPadOS 14.5, watchOS 7.4, and macOS 11.3, which contain critical security patches that should be installed immediately. We’ve seen these types of fixes in other recent updates and can’t stress how important it is to update.
Update 5/4: Apple also released iOS 12.5.3 to address the Webkit exploits.
Apple’s security update document states that it fixes a flaw where “Processing maliciously crafted web content may lead to arbitrary code execution. Those are particularly scary words, especially when paired with this sentence: “Apple is aware of a report that this issue may have been actively exploited.” Two phrases you never want to hear in a security update for a device you own are “arbitrary code execution” and “may have been actively exploited,” so it’s important that users update as soon as possible.
Major security fixes
Apple’s outline the issue at hand in technical terms. The CVE-2021-30665 applies to , , and , while CVE-2021-30663 doesn’t apply to the Apple Watch.
WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30665: yangkang (@dnpushme)&zerokeeper&bianliang of 360 ATA
WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An integer overflow was addressed with improved input validation.
CVE-2021-30663: an anonymous researcher
For devices unable to update to iOS 14, including the iPhone 5s, iPhone 6, and iPhone 6 Plus, Apple has released iOS 12.5.3 to path CVE-2021-30666, CVE-2021-30665, CVE-2021-30663, and CVE-2021-30661. You can get more information about the update .
App Tracking Transparency fix in iOS and iPadOS
The following are the release notes for iOS and iPadOS 14.5.1
This update fixes an issue with App Tracking Transparency where some users who previously disabled Allow Apps to Request to Track in Settings may not receive prompts from apps after re-enabling it. This update also provides important security updates and is recommended for all users.
How to install the updates
Before updating, it’s a good idea to back up your data, just in case the update causes problems. To install the update, you need an internet connection. Also, your device will need to restart in order to finish the installation. Here are the steps.
iPhone and iPad
- Open the Settings app
- Tap on General and then Software Updates.
- You can tap Learn more to read the release. To perform the installation, tap Download and Install.
Mac
- Click on the Apple menu.
- Select About this Mac.
- In the window that appears, go to the Overview tab if it’s not already open.
- Click on the Software Update button. This will open the Software Update system preference.
- You can click the More info link if you want to learn more about the update.
- When you are ready to install, click on the Update Now button. The installation takes several minutes, depending on the speed of the internet connection.
Apple Watch
- On your iPhone, launch the Watch app.
- Tap General.
- Tap Software Update. The app will look for the update online.
- When the app finds the update, you’ll see a screen with the release notes. Under the notes, tap Download and Install.