iOS 14.4.2 critical update pushed out.
iOS 14.4.2 patches a vulnerability that is being actively exploited.
iOS 12.5.2 pushed out for non-supported devices carrying the same fix.
Apple has pushed out a critical update for the iPhone and iPad in the form of iOS 14.4.2 and iPadOS 14.4.2 that patches a vulnerability that is being currently, actively exploited. While the update is considered a minor update, the vulnerability it patches is apparently a major one, given that Apple’s pushed out this update less than three weeks after having pushed out iOS 14.4.1.
Apple’s release notes say that this update should be installed by all users with eligible devices. According to the document, the vulnerability allows for “Processing maliciously crafted web content may lead to universal cross-site scripting. Apple is aware of a report that this issue may have been actively exploited.” The update patches the vulnerability on devices ranging from the iPhone 6s all the way to the latest iPhone 12 series.
Interestingly, Apple has also released iOS 12.5.2 and iPadOS 12.5.2 for devices that are not compatible with iOS 14. This includes iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation). The iPhone 5s was released way back in 2013, seven years ago. In contrast, while most Android OEMs promise two to three years of security updates, many smartphones never actually end up receiving such updates over their committed timeline. A study had also shown that some Android OEMs were claiming to have pushed a security patch for a particular month, but in reality, that was not the case.
If you’re using an iPhone 5s or newer, or an iPod Touch (6th gen) or any of the iPad devices, you can go to Settings > General > Software Update to get the OTA update. Do ensure your device has 50 percent or more charge, or that it is plugged into a charger through the duration of the update process. As a safety precaution, do ensure to take a backup of your device in case the update gets botched and you need to restore your device.