"Apple Rushes to Patch Zero‑Day Flaw in iOS, iPadOS"

Apple has recently released an emergency update for its iOS, iPadOS, and watchOS operating systems to patch a zero-day security flaw being exploited in the wild.   The list of impacted devices includes iPhone 6s and later, all versions of the iPad Pro, iPad Air 2 and later, the 5th generation of iPad and later, iPad mini 4 and later, and the 7th generation of the iPod touch. Apple has also issued security updates for its Apple Watch products.  The security hole is being plugged with the release of iOS 14.4.2 and iPadOS 14.4.2.  Researchers suggest that users download the update as soon as possible.  The security flaw is known as CVE-2021-1879 and resides in WebKit, Apple’s open-source web browser engine used by the Safari browser, Mail, and various other iOS and iPadOS apps. According to researchers at CyberSecurityHelp, a remote attacker who can hoodwink their victim into clicking on a specially crafted link and execute arbitrary code could steal sensitive data, perform a phishing or drive-by-download attack, as well as change the appearance of a website.  

We Live Security reports: "Apple Rushes to Patch Zero‑Day Flaw in iOS, iPadOS"