Apple recently released a new security update for iPhone, iPad, Apple Watch and Mac devices, and it is worth users of any or all of these devices downloading it right away. The fact that the same security update has been released for all these product lines at the same time is not a coincidence. Instead, it highlights how it protects against a vulnerability to a core Apple service, Safari.
Apple devices tend to be pretty safe with many assuming them to be safer than Android and Windows alternatives. While that might be true to an extent, safer is not the same as safe. Any device can encounter issues and there has already been an increase recently in the number of attacks specifically targeting Apple’s devices. Due to this, any security warning or update released by apple is one that’s worth paying attention to.
Apple released the latest security updates on March 8. For iPhone, the update arrives as iOS 14.4.1 and iPadOS 14.4.1 for iPad, with specific models affected dating back to iPhone 6s, iPad Air 2, and iPad mini 4. This update also applies to the 7th-generation iPod touch. Apple Watch wearers with a Series 3 or newer will want to look out for the watchOS 7.3.2 update. Likewise, Mac device users will want to be installing the macOS Big Sur 11.2.3 security update. In spite of them applying to different device types, all of these updates are listed as addressing the same WebKit issue.
In the most basic sense, WebKit is Safari. Technically, it is Apple’s own browser engine that powers Safari, but it is also used for some of the company’s other services as well. For example, the WebKit website highlights that, in addition to the browser, it is also used for Mail and the App Store, as well as “many other apps on macOS, iOS.” This alone highlights how central it is and how any WebKit vulnerability has the potential to impact on a number of apps and users. In terms of the actual problem, Apple notes the security update fixes an issue where “maliciously crafted web content may lead to arbitrary code execution.” Essentially, hackers and scammers could create a website or page that once accessed or interacted with could trigger an exploit on the device.
As is the case with any security update that’s released, whether by Apple, Google, or any other company, it is always a good idea to apply the update as soon as possible. While there are no suggestions this specific exploit has been actively used yet, devices will remain vulnerable until they are updated. Due to this, it is worth any iPhone, iPad, Apple Watch or Mac users installing Apple’s latest security update as soon as possible.