Nearly three weeks after releasing its last urgent security updates, Apple Inc. has issued new software updates for its iPhone, iPad and Apple Watch products to address a new security vulnerability in the WebKit engine that powers the Safari browser and other Apple apps.
A Common Vulnerabilities and Exposures number has been created for the vulnerability — CVE-2021-1879 — but as is typical for Apple security updates, further details have not been disclosed. Apple credited the discovery of the vulnerability to Clément Lecigne and Billy Leonard of Google LLC’s Threat Analysis Group. Lecigne was also co-credited with discovering the vulnerability addressed in Apple’s last update.
As with the last update on March 8, the new update has seemingly been released without going through developer or public testing, suggesting that the vulnerability is serious and needed to be urgently addressed. The timing is also notable: The iOS 14.5 version was scheduled to be out before the end of the month but is now looking like it may be early April instead.
The new OSes are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, iPod touch (7th generation) and Apple Watch Series 3 and later.
Apple also released iOS 12.5.2 for older devices that cannot run iOS 14, including iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3 and iPod touch (6th generation) to address the same WebKit vulnerability.
The updates can be installed on iOS and iPad manually through the settings app. Apple Watch users can obtain the update by going to My Watch.
Since you’re here …
Show your support for our mission with our one-click subscription to our…