Apple could release iOS 15 any day now. In fact, we expect to hear about a release date at the company’s big “California Streaming” event on September 14. But it looks like the company isn’t done patching up iOS 14 just yet. Without any beta test or other external warning, Apple has released iOS 14.8 and iPadOS 14.8.
The release notes are simple, stating only:
This update provides important security updates and is recommended for all users.
Reading the support page that clarifies the security updates, there are two described: One is an update to the CoreGraphics framework that says, “Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.” The other is an update to the WebKit framework that says, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.” The New York Times reported that the update addresses a flaw related to the Pegasus spyware.
Here is the official security statement on each update:
CoreGraphics
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An integer overflow was addressed with improved input validation.
- CVE-2021-30860: The Citizen Lab
WebKit
- Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: A use after free issue was addressed with improved memory management.
- CVE-2021-30858: an anonymous researcher
How to get iOS 14.8
To get these important security updates, simply open the Settings app on your iPhone or iPad, tap General, then Software Update, and finally Download and Install.
