Cert NZ issues iPhone and iPad security warning – vulnerability is being actively exploited by hackers

Crown Agency CERT NZ (Computer Emergency Response Team) has released advice about an iOS vulnerability that Apple says is being actively exploited by hackers.

The problem is related to iOS (the software that powers iPhones), iPadOs, and tvOS (the software that powers the Apple TV).

Immediately update your Apple iOS, iPadOS, and tvOS devices to version 14.4 where the update is available. For most users, a pop-up should alert you that an update is available – select “Update now,” according to CERT NZ’s advice.

If you do not receive a popup message, follow these steps: Go to Settings> System> Software Update. There, select ‘Software Update’.

I tried The Herald, but iOS 14.4 was not yet available. Usually Apple provides updates on a rolling basis [IUPDATE: 14.4 is now available for most].

Details are scarce at this point, but it’s an apple Notification page Regarding this issue, “a malicious application may be able to gain privileges,” if it exploits the vulnerability, indicating that a hacker may be taking control of the device.

“Apple is aware of a report that this issue has been actively exploited,” the iPhone maker says on its security notice page.

IOS 14.4 also adds support for capturing smaller QR codes – a handy addition as we are all encouraged to further scan our Covid sticker.

CERT NZ recommends users to enable automatic software update functionality on any device.

The announcement removed some of the shine from Data Privacy Day, which saw Facebook chief Mark Zuckerberg Angry With Apple’s move to get advertisers to disclose when they want to track your activity.

Zuckerberg called this movement a competition. Apple said it was responding to users’ demands for more privacy and transparency, and issued a “A day in the life of your dataOffer to push his case.