In case you haven’t updated your iPhones, iPads, and Macs yet with the latest security patches, it needs to be done right now. Apple earlier this week released security updates to fix a single zero-day flaw, that could be used to attack devices and compromise their security. Therefore, Apple has recommended updating all its devices immediately to iOS 14.7.1, iPad OS 14.7.1 and macOS Big Sur 11.5.1, and watchOS 7.6. The newly-discovered ‘dangerous’ vulnerability that hackers may be actively exploiting, might risk the security of the device. Therefore, it is extremely important to download the new updates to keep Apple devices and data safe.

Patch notes for the iOS/iPadOS 14.7.1 and macOS 11.5.1 updates list on Apple’s official website list the security flaw as CVE-2021-30807, which apparently is a “memory corruption issue” in the IOMobileFrameBuffer component, as per the tech giant. The bug, according to reports, is in Apple’s all three operating systems. This implies that the hackers could execute arbitrary code attacks on the devices and the zero-day vulnerability could give leeway to the malicious apps access to your iPhones and other Apple devices.

It is to be noted that it becomes extremely urgent for the Apple users to download the updates as Apple’s bug reports confirm that it received an anonymous “report that this issue may have been actively exploited,” ZDNet’s reported, adding that a proof-of-concept attack has already appeared online.

Saar Amar of the Microsoft Security Response Center (MSRC) in a detailed blog on July 28 explained the vulnerability in detail. But in the nutshell, any unpatched Apple device may right now be at the threat of compromise. If the device isn't updated, it's vulnerable. The flaw has reportedly been identified in the IOMobileFrameBuffer that controls how an application manager operates on the device's display. “Vulnerability makes it possible for an application to execute arbitrary code with kernel privileges,” Apple warned.

This means that the harmful Trojan malware can infest the device taking leverage of the security vulnerability. Apple has assigned this vulnerability the catalogue number CVE-2021-30807, and the company’s security advisors told leading tech broadcasters that Apple was “made aware” of the zero days' warning, meaning that the software flaw was exploited. Apple credited "an anonymous researcher" with the discovery of the flaw, reports stated but has not linked Pegasus mobile spyware that has hit the headlines lately.

How to update your iPhone or iPad

Connect the Apple device to Wi-Fi and make sure that it is charged.

Open the Settings app.

Select General.

Select Software Update.

Select Download and Install—If a message asks to temporarily remove apps because the software needs more space for the update, tap Continue or Cancel.

Your device will update automatically overnight.

[Credit: Apple]

How to update Macs

Ensure Mac is charging, connected to Wi-Fi.

Click on the Apple icon on the menu bar.

Select System Preferences.

Select the Software Update icon.

Select Update Now.

Mac will update automatically

[Credit: Apple]

How to update Apple Watch

Make sure your Apple Watch is compatible with the latest software: watchOS 7

Upgrading to watchOS 7 requires an iPhone 6s or later running iOS 14 or later.

Update your iPhone to the latest version of iOS.

Make sure your Apple Watch is at least 50 per cent charged.

Connect your iPhone to Wi-Fi.

Keep your iPhone next to your Apple Watch, so that they're in range.

It could take from several minutes to an hour for the update to complete. You may want to update overnight or wait until you have time.

[Image credits: Apple]