KEY POINTS

  • Apple announced the release of a new emergency security update
  • The said update aims to patch security flaws on iPhone and iPad devices
  • The critical vulnerability involves memory corruption issue

iPhone and iPad users are advised to update their devices as soon as possible following the release of an emergency security update from Apple.

The Cupertino-based tech titan Apple has been releasing unexpected security updates over the past months because of multiple zero-day bugs requiring emergency updates. This week is not an exception and iPhone and iPad users must update their devices to patch the flaw that makes them vulnerable to attacks and exploits.

Apple put out an emergency security announcement Monday about a recently uncovered zero-day vulnerability impacting iPhones and iPads. This critical flaw, according to the tech giant, is currently being exploited in the wild by malicious actors.

iPhone New technology will allow iPhones' operating systems to match abusive photos against a database of known child sexual abuse images Photo: AFP / LOIC VENANCE

Apple assigned the identifier CVE-2021-30883 to the said vulnerability, which involves a memory corruption issue in the IOMobileFrameBuffer component. As a result, it could allow an application to launch arbitrary code with kernel privileges.

The Cupertino-based tech giant did not reveal the specifics of the vulnerability as well as the nature of the attacks and the identity of the threat actors. This way, the majority of iPhone and iPad users could update the patch and prevent other hackers and malicious actors from exploiting and weaponizing the flaw.

Apple said the critical vulnerability affects "iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)."

Unfortunately, it is not clear if this security flaw has actively exploited a lot of iPhone and iPad devices and it's also not clear if it hasn't. And it is not wise for users to wait and find out. 

Regularly updating devices is the safest and fastest way to combat flaws and failing to do so on a regular basis is the easiest way for hackers to compromise users' data.

The CVE-2021-30883 is, by far, the second IOMobileFrameBuffer Apple has discovered after it was able to address a similar memory corruption issue with dubbed as CVE-2021-30807 in July. 

This highlights the high probability that the two vulnerabilities could be related. With the latest emergency security update, Apple has resolved 17 zero-days for 2021 alone.