Today is a good day to update your iPhones and iPads, folks. Apple has pushed an emergency update to fix a zero-day vulnerability in iOS and iPadOS. The vulnerability, being tracked as CVE-2021-30883, may have been actively exploited, according to Apple’s update notes.
Attributing the credits of filing this bug to an anonymous researcher, the update note explains that ‘an application may be able to execute arbitrary code with kernel privileges.’ Apple does not go in details about the exploit but kernel privileges allow an application to execute any command on the device which can be used to plant other malware or steal user data.
Saar Amar, a security researcher who published a proof of concept of the flaw, confirmed iOS versions 14.7.1 through 15.0.1 are affected, although he says much earlier versions could be affected as well.
iOS 15.0.2 update is available for iPhone 6s and later. iPadOS 15.0.2 is available for all models of iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). It’s strongly advised that you update your devices right away.
If automatic updates are turned on, your device should download the update for you. But you can update manually by going to Settings > General and choosing Software Update.