Apple finally reveals the serious security issues it patched in iOS 17.4.1،
This flaw affected users of these devices: iPhone later, iPad 6th generation and later, and iPad mini 5th generation and later. Someone with one of the aforementioned devices and tapping on a malicious image could have given an attacker the ability to execute commands or codes on the target device. The update, once installed, removes this vulnerability from affected devices.
Apple updates its Security Releases support page to reveal flaws fixed by iOS 17.4.1 and iPadOS 17.4.1
Apple did not say there were any indications the vulnerability had been exploited. The simple description given by Apple read: “An out-of-bounds write issue has been resolved with improved input validation.” Given the listing number CVE-2024-1580, the flaw was discovered by Nick Galloway of Google Project Zero.
The second vulnerability was a flaw in the system Apple calls WebRTC, which provides “real-time communication for web browsers and mobile applications through application programming interfaces.” This flaw also impacted the same devices that we will happily repeat: iPhone XS and later, iPad Pro 12.9 inch 2nd generation and later, iPad Pro 10.5 inch, iPad Pro 11 inch 1st generation and later, iPad Air 3rd generation and later. , iPad 6th generation and later, and iPad mini 5th generation and later.
This vulnerability, which is also not exploited by any attacker that Apple is aware of, would also have allowed an attacker to execute commands or codes on a targeted device. The flaw was assigned the CVE number CVE-2024-1580 and was also discovered by Nick Galloway of Google Project Zero.
If you have not installed iOS 17.4.1, go to Settings > General > Software update and follow the directions.