Active Exploitation of Vulnerability in Apple iPhone, iPad and Watch

Published on 29 Mar 2021

Updated on 03 Apr 2021

Apple has released a security update to address a vulnerability (CVE-2021-1879) in their products. There have been reports that this vulnerability is being actively exploited.

Successful exploitation of the vulnerability may lead to universal cross site scripting.

Users are advised to enable automatic software update by going to Settings>General>Software Updates>Enable Automatic Updates or patch their products to the latest versions immediately:

iOS 14.4.2 and iPadOS 14.4.2: for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

iOS 12.5.2: for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)

watchOS 7.3.3: for Apple Watch Series 3 and later

More information is available here:
https://support.apple.com/en-sg/HT201222
https://support.apple.com/en-sg/HT212256