Apple is notorious for downplaying security vulnerabilities. Whether an update is a huge security flaw that is major or just a small bug Apple just states an update is important, this then leads to users shrugging off the updates. Even more now that the smartphone manufacturer is being accused of slowing down iPhones with the same updates.
If you have seen the prompt on your iPhone to update to iOS 14.7.1 but have been putting it off, you might want to rethink that.
For instance, in the release notes for iOS 14.7.1 Apple says it “fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the Unlock with iPhone feature. This update also provides important security updates and is recommended for all users,” simple right?
When you head over to Apple’s support page that details security fixes, some more important but left out details are revealed.
This is what it says about iOS 14.7.1 (and iPadOS 14.7.1):
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30807: an anonymous researcher
I have highlighted in bold a very serious statement that users who don’t click to learn more details would never know.
Security researcher Saar Amar, who discovered this vulnerability several months ago, has detailed this bug, and how it can be exploited here.
So, if your iPhone or iPad is still reminding you to install this update, you might want to.
To install the update, go to Settings > General > Software Update and download it from there.
