Apple just released iOS 17.4 and right now everyone's attention is focused on how it allows you to run third-party app stores on your iPhone, although only if you're in the European Union. But there's another important reason why you should update: it fixes two extremely serious security flaws.
In a new security post (via BleepingComputer), Apple says that iOS 17.4 and iPadOS 17.4 resolve two zero-day bugs in the iOS kernel and Apple's RTKit that could allow an attacker to bypass the device's memory protections. kernel of your device. This could give malicious actors very high-level access to your device, so it's imperative that you patch your iPhone as soon as possible by opening the Settings app, going to General > Software Update, and following the on-screen instructions.
These questions are not just hypothetical; Apple says it is “aware of a report that this issue may have been exploited” in both cases, and if a zero-day flaw has been actively exploited, it means hackers have been able to take advantage of these issues without anyone knowing. . With that in mind, there are plenty of reasons to update your device now that Apple has released a series of fixes.
Apple says the bugs affect a wide range of devices: iPhone iPad Air third generation and later. iPad 6th generation and later, and iPad mini 5th generation and later. In other words, many people could be affected.
Actively exploited
Zero-day flaws like these are often exploited in targeted attacks, often by sophisticated state-sponsored groups. Apple did not share any details about how or when these vulnerabilities were used in nefarious ways, nor whether they were discovered by Apple's own security teams or by third-party researchers.
Apple devices are known for their strong defenses, but they are increasingly falling into the crosshairs of hackers. Recent research suggests there were 20 active zero-day flaws targeting Apple products in 2023, double the previous year. According to BleepingComputer, three zero-day attacks on Apple devices in 2024 have been fixed so far.
This type of exploit demonstrates why it is so important to keep all of your devices up to date with the latest patches, especially if they include security fixes. Leaving yourself vulnerable is a dangerous gamble when extremely sophisticated hacking groups exist in the wild. With this in mind, be sure to download the latest iOS 17.4 update as soon as you can.
