What just happened? If you’re anything like me, you might occasionally put off downloading iOS and iPadOS updates for a day or a week—especially small ones. But Apple’s most recent update for iPhone and iPad is one you should prioritize. It fixes a security flaw that is being actively exploited by malicious individuals out in the wild.
Another day, another security exploit. Apple explains in a security document that the minor update—iOS 14.4.2 and iPadOS 14.4.2—blocks “maliciously crafted web content [that] may lead to universal cross site scripting.” This means a malicious website could gain access to information on other pages you have open on your device. Older devices can download iOS 12.5.2, which includes a similar patch.
Apple goes on to add that this vulnerability has already been exploited, although further details aren’t available.
Installing the update is simple: Launch Settings on your device, tap General, then Software Update. If your iPhone or iPad hasn’t already auto-installed the update, iOS or iPadOS 14.4.2 should be ready and waiting.
This security fix is available for iPhone 6s and later on the 14.4.2 patch, while 12.5.2 covers devices dating as back as iPhone 5S from 2013, which looks like solid support in our book.