Apple releases security updates
Apple has released security updates for iPhone, iPad, iPod, and Apple Watch devices to address zero-day bug actively exploited in the wild. The vulnerability, identified as CVE-2021-1879, was discovered by the Google Threat Analysis Group. The problem affects the Webkit browser engine and allows to carry out cross-site scripting (XSS). To do this, the attacker would need to trick the victim into opening malicious web content on the device.
The zero-day was addressed by Apple in iOS 14.4.2 and iPadOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3.
More information on vulnerability and updates is available in the Apple security page for the following products:
29 March 2021