On 3 May 2021 Apple released patches to fix security issues in macOS, iOS, iPadOS and watchOS.
The security issues, affecting the WebKit browser engine that powers Safari and iOS browsing, potentially allowed an attacker to execute their own code by forcing WebKit to process malicious web content, according to Apple’s macOS Big Sur 11.3.1 security update page.
There are two vulnerabilities:
- A memory corruption flaw (CVE-2021-30665); and
- an integer overflow issue (CVE-2021-30663).
Which systems are affected?
The following systems and versions are affected, and patches are available:
- macOS Big Sur prior to version 11.3.1
- iOS and iPadOS (for iPhone 6s and later) prior to version 14.5.1
- iOS (for iPhone 6 and earlier) prior to version 12.5.3
- watchOS prior to version 7.4.1
Recommended actions
We recommend running the system update process on any Apple devices as soon as possible.
If you want to check whether your Apple device already has the updated software version, the following instructions may be helpful:
- Mac: find out which macOS version your Mac is using
- iPhone, iPad or iPod: find the iOS or iPadOS software version on your iPhone, iPad or iPod
- Apple Watch: update watchOS on your Apple Watch