Have you seen the prompt on your iPhone to update to iOS 14.7.1, but you’ve been putting it off? After all, it doesn’t seem like there’s much to it.
It’s just a bug fix, right?
No, this is no ordinary bug fix.
I find Apple a bit strange in that it downplays security vulnerabilities. Apple will tell you that an update is important, but in Apple-land, all updates are important.
Take the release notes for iOS 14.7.1 as an example:
iOS 14.7.1 fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the Unlock with iPhone feature. This update also provides important security updates and is recommended for all users.
The update is “important” and “recommended.”
But some are more important and recommended than others.
And this is one example.
Switch over to Apple’s support page that details security fixes, and this paints a far more serious picture. Few click to go to this page, but it’s worth a visit.
This is what it says about iOS 14.7.1 (and iPadOS 14.7.1):
IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30807: an anonymous researcher
Let me highlight the key bit for you:
“Apple is aware of a report that this issue may have been actively exploited.”
In case you don’t know, that’s serious.
But it gets better.
Security researcher Saar Amar, who discovered this vulnerability several months ago, has detailed this bug, and how it can be exploited by bad guys. You can read the gory details here.
The bottom line is that not all bugs are the same, and not all updates are created equally, and while iOS 14.7.1 seems on the face of it to be a small update, it’s incredibly important.
So, if you’re iPhone or iPad is still reminding you to install this update, do it now.
Right now.
To install the update, go to Settings > General > Software Update and download it from there.