Less than one week after Apple released iOS 14.7, iPadOS 14.7 and macOS Big Sur 11.5, Apple pushed out an urgent security update to address a flaw that may have been actively exploited. This is Apple's thirteenth vulnerability since the beginning of 2021.

As often the case, details about the flaw have not been disclosed but Apple credits an anonymous researcher for discovering and reporting the vulnerability.

It's highly recommended that users move quickly to update their devices to the latest version to mitigate the risk associated with the flaw.

Other vulnerabilities Apple has patched this year include:

  • CVE-2021-1782 (Kernel) - A malicious application may be able to elevate privileges
  • CVE-2021-1870 (WebKit) - A remote attacker may be able to cause arbitrary code execution
  • CVE-2021-1871 (WebKit) - A remote attacker may be able to cause arbitrary code execution
  • CVE-2021-1879 (WebKit) - Processing maliciously crafted web content may lead to universal cross-site scripting
  • CVE-2021-30657 (System Preferences) - A malicious application may bypass Gatekeeper checks
  • CVE-2021-30661 (WebKit Storage) - Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30663 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30665 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30666 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30713 (TCC framework) - A malicious application may be able to bypass Privacy preferences
  • CVE-2021-30761 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
  • CVE-2021-30762 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution 

Source: The Hacker News