Apple users will want to update their devices as soon as possible.
Apple has released security updates for iOS, iPadOS, and macOS Big Sur that address a zero-day exploit that is currently being actively exploited in the wild. An anonymous security researcher reported the memory corruption issue. Hopefully, they were well compensated for their discovery.
The updates – iOS 14.7.1, iPadOS 14.7.1 and macOS Big Sur 11.5.1 – all involve CVE-2021-30807, which can allow an application to execute arbitrary code with kernel privileges. Apple said it is aware of a report that the exploit has been actively leveraged in public.
To obtain the iOS or iPadOS update, go to Settings > General > Software Update and then tap “Download and Install.” On a Mac, go to the Apple menu, then System Preferences > Software Update > Update Now.
As Bitdefender highlights, Twitter user Saar Amar reportedly discovered the vulnerability months ago and was planning to alert Apple once he had fully worked out the exploit in order to have a “high-quality” submission. Instead, it seems someone else beat Amar to the punch.
Either way, you’ll want to apply this patch ASAP since the exploit is already being used by nefarious parties. The update, at least on iPhones, checks in around 920MB in size.