Apple has released a new patch for iOS, iPadOS, macOS and watchOS. The company said in support documents that the updates resolve WebKit flaws that may have been exploited. The issues concerned “maliciously crafted web content [that] may lead to arbitrary code execution.”
Among the problems were a memory corruption issue and integer overflow on macOS and iOS, and buffer overflow and use after free issues on older iOS devices. To resolve the flaws, Apple has released iOS 14.5.1, iPadOS 14.5.1, macOS Big Sur 11.3.1 and watchOS 7.4.1. Owners of older iPhones, iPads and iPod touch devices that don’t support recent versions of iOS can download and install iOS 12.5.3 instead.
Security notes for the release indicate that it addresses a memory corruption issue and an integer overflow in WebKit that could both be exploited using maliciously crafted web content. Apple says it aware of a report that these issues may have been actively exploited, so users are advised to upgrade immediately.
The iOS and iPadOS 14.5.1 updates can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General > Software Update.