[ad_1]
Apple’s recently released iOS 14.3 fixes nine security vulnerabilities, some of which could be serious.
Apple’s recently released iOS 14.3 fixes nine security vulnerabilities, some of which could be serious.
SOPA Images / LightRocket via Getty Images
AD
Apple released iOS 14.3 this week, along with a ton of cool features, including new privacy labels on the App Store. But along with these new features, the iPhone maker also fixed nine security vulnerabilities, some of which could be serious.
As always, Apple doesn’t provide much information on the security issues it fixed in iOS 14.3, so hackers don’t have the data they need to exploit before everyone has updated their phones.
Among the nine security vulnerabilities listed, two found by researchers from Google’s Zero Impact FontParser Project. The second of these means that processing a maliciously crafted font file can lead to arbitrary code execution, which can be serious.
Project Zero and XingWei Lin from Ant Security Light-Year Lab found two other security issues fixed in iOS 14.3 derived from Apple’s ImageIO. Both vulnerabilities mean that processing a maliciously crafted image can lead to arbitrary code execution.
Meanwhile, another issue with WebRTC could also lead to remote code execution, while a security issue addressed in iOS 14.3 could cause unauthorized code execution to lead to an authentication policy violation, Apple cautions.
Reasons to update to iOS 14.3
Of course, some people like to put off their iOS updates for later, because they are waiting for the additional bugs to be fixed. But security updates are an important reason to make sure you are always on the current iPhone operating system.
In this case, it’s particularly important: Some of the reported problems appear to be remote code execution vulnerabilities, says Sean Wright, SMB Application Security Leader at Immersive Labs.
“Since the details are scarce, one must err on the side of caution and assume that they are exploitable from a web page,” he warns. “Code execution is almost always a cause for concern and attention should be paid. I recommend that people update when possible. “
AD
At the same time, Wright advises, be aware of the apps you are installing and only install apps from the official App Store that you need and will use.
Apple’s iOS 14.3 offers some cool new features for the iPhone, but its security updates are really key. So if you haven’t updated yet, why not take a few minutes to do so now?
