Welcome to Brown’s Bytes! Your weekly insight from Mobliciti’s CTO Andy Brown. Follow #brownsbytes
28th May 2021
Short one this week – it’s another iOS update week as iOS 14.6 has been released. Hot on the heels of a security release (14.5.1) that fixed issues which were being exploited in the wild, we now get iOS 14.6.
It’s the usual mix of new features and security fixes:
- The good news is that the security fixes are apparently not yet being exploited in the wild
- The interesting news is that there are 43 security vulnerabilities patched in this release
Of course, and as usual, the challenge is that the release of the fix is also the release of the fact there is a vulnerability to target. Target areas include the Webkit – i.e. the Browser, so any exploit could potentially be based on getting users to hit a web page.
It’s also worth noting that the vulnerabilities listed could (in theory) be combined to result in Kernel Level Access (bad – very bad).
In other words… better get patching…