Apple has just released iOS 14.4 and iPadOS 14.4, and the update notes contain some worrying language (via TechCrunch). Under kernel updates, Apple notes that “a malicious application may increase privileges,” and under WebKit updates, “a remote attacker may be able to cause arbitrary code execution.” Following both statements, the update says: “Apple is aware of a report that this issue has been actively exploited.”
What this means in general is that you need to update your iOS devices as soon as possible. To make the language clear: Apple has found a security hole in its operating systems, and it also has evidence that someone may have exploited it. The update notes do not contain any further details, and we do not know at this time who used the security breach or what they used it for.
Either way, the security breaches are not insignificant. An application that can increase privileges means that it can do things that it is not supposed to be able to do. Again, there are no details, but broadly speaking, a malicious app could bypass some of Apple’s security protections.
Using WebKit is no better. If a remote attacker can execute arbitrary code, it means that an attacker can do things on your phone only if you visit a website they control.
This is not to say that it’s time to go into total cyber lock mode, but it does mean that 14.4 is not an update that you would like to delay for a while. Meanwhile, Apple says it will provide additional details soon, so we’ll keep an eye out for more information on the operations.