Strange IndiaStrange India

Apple released some important software updates for your iPhone and Mac this week. You might not think so, based on the version numbers of each update, but iOS 17.4.1 and macOS 14.4.1 are both worth installing as soon as you can. Here’s why.

What’s new in iOS 17.4.1?

Apple’s latest update for iPhone (and iPad) doesn’t come with any new features or user-facing changes. The release notes don’t mention any specific new changes at all, which might make you think you are safe to skip the update or put it off for later.

However, it’s an important one nonetheless, as evidenced in Apple’s security release notes. For some reason, the company packages the security notes separately from the release notes you see in the Software Update section of your device. In this case, the company delayed releasing even the security notes for 17.4.1 until they also released macOS 14.4.1, which arrived a few days later.

In any event, we now know that iOS 17.4.1 (as well as iOS 16.7.7) patches two security vulnerabilities: The first is an out-of-bounds write flaw in CoreMedia, the part of iOS that deals with time-based audio-visual assets. Bad actors can take advantage of this flaw to trick you into opening a malicious image, which could lead to arbitrary code execution—in other words, they could exploit the flaw to run their own code on your device and potentially take it over.

The second issue is another out-of-bounds write vulnerability, this time with WebRTC, a platform that enables audio and video communication to function inside a web browser. Again, if you process a malicious-crafted image with this flaw, someone could conceivably take over your device using arbitrary code execution.

At the time of publication, Apple was not aware of these vulnerabilities being exploited in the wild, which is good news. However, know that they have been more widely advertised, it’s only a matter of time before someone tries to use them, so it’s important to update as soon as possible.

What’s new in macOS 14.4.1?

macOS 14.4.1 (and macOS 13.6.6 for that matter) also include these two patches, which is likely why Apple waited until it released these Mac updates before disclosing the specific vulnerabilities.

However, in addition to supplying important security patches, macOS 14.4.1 includes bug fixes for problems you may have experienced using macOS 14.4. According to Apple’s release notes, this update fixes an issue where macOS wouldn’t recognize USB hubs when connected to external displays, and one bug where copy protected Audio Unit plug-ins would not open or pass validation. Perhaps most importantly, the update fixes an issue where apps that use Java may quit unexpectedly.

These three patches fix some of the problems macOS users were reporting with version 14.4, so if you were holding off on updating to that version because of one of these three specific problems, macOS 14.4.1 should be a safer bet.

How to update your iPhone or Mac

Whether your iPhone is running iOS 17 or iOS 16, or your Mac is running macOS Sonoma or macOS Ventura, you should update ASAP to patch these issues.

To update your iPhone, head to Settings > General > Software Update. On your Mac, head to System Settings > General > Software Update.

Source link


Leave a Reply

Your email address will not be published. Required fields are marked *