Apple has released an update for iPhones, iPads and watches to close a security hole that is actively being attacked by hackers.
The security update is iOS 14.4.2 and iPadOS 14.4.2, which also contains a patch for older devices such as iOS 12.5.2. watchOS is also updated to 7.3.3.
Apple said the vulnerability identified by security researchers in Google’s Project Zero may have been “actively exploited” by hackers. The bug can be found in WebKit, the browser engine that supports the Safari browser on all Apple devices.
It is not known who is actively exploiting the vulnerabilities or who could have been a victim. Apple did not say whether the attack was aimed at a small subset of users or whether it was a broader attack. It’s the third time (by our count) that Apple released a security-only update this year to fix active attack bugs. Earlier this month, the company released patches for similar vulnerabilities in WebKit.