If you’ve not yet updated your iPhones, iPads, and Macs with the latest patches from Apple, then you need to take some time out of your day to do it right now, because this is a big one.
Earlier this week, Apple published iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1. While this update contains bug fixes, the main part of this update is a security fix for a vulnerability that Apple says “may have been actively exploited.”
In other words, the bad guys are already using it.
Here’s how Apple describes the vulnerability in relation to iOS and iPadOS:
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30807: an anonymous researcher
It’s unclear if this is the vulnerability used for jailbreaking iOS devices, or whether it is linked to the NSO Group spyware tool hack used to target journalists, activists, and government figures.
To update your iPhone and iPad, go to Settings > General > Software Update and download and install any available updates.
For macOS, click on the apple in the top-left corner, go to System Preferences, find Software Update and download and install any updates available.
I recommend carrying out these updates as soon as possible.
To get immediate notifications of updates for the iPhone and iPad, I’ve been using the app iVerify.