Apple releases zero-day security vulnerability patch for Macs, iPhones, iPads
What's the story
Last week, Apple released the iOS version 14.7 update for iPhones. However, it accidentally interrupted the "Unlock with iPhone" feature that Apple Watch users relied on to access the wearable.
To fix it, Apple recently pushed another update for iOS apart from iPadOS and macOS. These updates also patch a zero-day vulnerability, attributed to an anonymous researcher, that caused memory corruption in Apple devices.
Revived
Patch re-enables Apple Watch functionality lost with iOS 14.7
Apple's latest patch for iOS re-enables the ability to unlock your Apple Watch if your iPhone is close by. The error was introduced by Apple's previous update to the operating system that brought support for its newly-introduced MagSafe-compatible wireless power bank.
However, even if you don't have an Apple Watch, you should still install Apple's urgent update.
Details
Security patch prevents misuse of screen framebuffer kernel component
Addressing the thirteenth zero-day security vulnerability this year, Apple's newest update for iOS (version 14.7.1), iPadOS version 14.7, and macOS version 11.5 fixes a memory corruption issue identifiable uniquely by the code CVE-2021-30807.
The issue was caused by a kernel component responsible for managing the screen framebuffer that could be misused to execute malicious code with kernel-level privileges.
Eerie timing
Apple credits vulnerability's discovery to anonymous researcher
Apple noted that it was "aware of a report that this issue may have been actively exploited." In such instances, Apple redacts additional information about the vulnerability to prevent further misuse and to maintain the integrity of the security patch.
Apple credited an anonymous researcher with the discovery of this vulnerability. However, one cannot help but note that the Pegasus malware is also rampant.
Speculation
Pegasus malware link could have fueled Apple's urgency
The Hacker News reported that the timing of this security patch indeed raises questions about possible links to the Pegasus malware that has been the center of media attention of late.
Nevertheless, we strongly advise you to install the security patch on all your Apple devices at the earliest to plug the vulnerability and regain the lost Apple Watch feature if you're on iOS.