NEW YORK - Apple issued a new warning on Tuesday urging iPhone and iPad users to immediately update their device software to the newly released iOS and iPadOS 14.4.
The update comes in an effort to fix three security flaws that "may have been actively exploited". Apple credited "an anonymous researcher" for finding the bugs, according to its support webpage.
One of the security vulnerabilities found is a malicious application that may be able to "elevate privileges" in Kernel, the framework for Apple's operating system. Apple said the issue was addressed in the new update with "improved locking."
The other two vulnerabilities were found in WebKit, a web browser engine used by Safari and other apps, which may allow a remote attacker to potentially cause "arbitrary code execution." The logic issue has been addressed in the new update with "improved restrictions."
The security flaws impact the iPhone 6s and later, the iPad Air 2 and later, the iPad mini 4 and later, and the iPod touch (7th generation).
However, other details, such as who is actively exploiting the vulnerabilities, who might have fallen victim, or whether the attack was targeted against a specific set of users or widespread were unclear.
A spokesperson for Apple declined to comment further. Apple noted in the advisory that it would provide an update as soon as more details could be made available.
In order to install the latest update, simply open up the Settings app, choose General, and then choose Software Update.