iPhone users, Apple gives you over 20 “security reasons” for updating your operating system

Earlier this week Apple a software update rolled out – iOS 14.7 – however, for iPhone users, not all of the fixes that will be part of this update have been revealed. Now, after a two-day break, the company has that iPadOS 14.7 update and now revealed the detailed security updates coming for both iPhone and iPad users.
Apple’s documentation confirms that the iOS 14.7 and iPadOS 14.7 updates contain fixes for a number of bugs. Here is the full list of vulnerabilities Apple is fixing with iOS 14.7 and iPadOS 14.7:

  • A shortcut can potentially bypass internet permission requirements
  • A local attacker could potentially cause the program to terminate unexpectedly or cause arbitrary code to run
  • An application can potentially execute arbitrary code with kernel privileges
  • Processing a maliciously crafted audio file can result in arbitrary code execution
  • Playing a malicious audio file can cause the program to terminate unexpectedly
  • Opening a maliciously crafted PDF file could result in an unexpected application termination or arbitrary code execution
  • Processing a maliciously crafted font file can result in arbitrary code execution
  • A malicious application can potentially gain root privileges
  • A sandbox process can bypass sandbox restrictions
  • A malicious application may be able to access Find My data
  • Processing a maliciously crafted font file can result in arbitrary code execution
  • A malicious application may be able to bypass code-signing checks
  • Processing maliciously crafted web content can lead to arbitrary code execution
  • Processing a maliciously crafted image can result in arbitrary code execution
  • A malicious attacker with arbitrary reading and writing skills could bypass pointer authentication
  • An attacker who has already reached the execution of kernel code could potentially bypass kernel memory allocations
  • A remote attacker could cause arbitrary code to be executed
  • Processing a maliciously crafted image can result in denial of service
  • A malicious application may be able to bypass certain privacy settings
  • Processing maliciously crafted web content can lead to arbitrary code execution
  • Joining a malicious Wi-Fi network can result in denial of service or arbitrary code execution

Features of iOS 14.7 and iPadOS 14.7
In addition to these bug fixes, the latest software update also brings new features for iPhone and iPad users. For those who own Apple’s HomePod, iOS 14.7 has an option to manage timers. This can be done in the Home app on the iPhone. The MagSafe battery is also supported. The Podcasts app has been redesigned with a new look and published subscriptions. With iOS 14.7, the Podcasts library in the app allows users to choose whether they want to see only the shows they are following or all of the shows.

.

Leave a Reply