Almost three weeks after the release of iOS/iPadOS 14.4.1 and more than a month after the iOS/iPadOS 14.4 upgrades, Apple launched iOS/iPadOS 14.4.2.
iOS and iPadOS 14.4.2 may be found in the Settings app of all supported devices and is available for free download. Go to Settings > General > Software Update to get the latest version.
A crucial security fix is provided by Apple’s release notes and should be implemented by all users, according to Apple. A vulnerability that was actively exploited, according to a security support document, has been fixed by this version.
As a result of better object lifetime management, Apple was able to resolve the problem.
A Security Upgrade For Older Devices, iOS and iPadOS 12.5.2, Was Also Provided by Apple.
It was released on March 26, 2021, for iOS 14.4.2 and iPadOS 14.4.2
WebKit
iPhone 6S and after, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch 5th generation and later are all supported (7th generation)
This can lead to universal cross-site scripting if the maliciously produced web content is processed. Apple is aware of a report that this vulnerability has been extensively exploited, and is taking appropriate measures to protect its customers.
Description: This problem was resolved through better control over the lifespan of objects.
Billy Leonard of Google Threat Analysis Group and Clement Lecigne of Google Threat Analysis Group are the authors of CVE-2021-1879:
In Terms of Security Of iOS 14.4.2 And iPadOS 14.4.2.
(This Document Describes the Security Content Of iOS 14.4.2 And iPadOS 14.4.2).
Apple doesn’t reveal, discuss, or confirm security problems until an investigation has taken place and updates or releases are ready for our customers’ protection. Apple A list of recent releases can be found at the bottom of the Apple security page.
When possible, Apple security materials cite CVE-IDs to identify vulnerabilities.
See the Apple Product Security page for more information on security.