Apple users are already pretty quick when it comes to downloading new OS updates, but anyone with an iPhone, iPad, or Apple Watch need to be even more proactive about installing iOS 14.4.2 and watch OS 7.3.3 as quickly as possible to address an active security threat.
Unlike larger software updates, which might bring some updated features, iOS 14.4.2, iPadOS 14.4.2, and watchOS 7.3.3 are rolling out now to fix an active security exploit that allows malicious websites to potentially engage in universal cross-site scripting. That means if you’re planning to visit any sketchy websites, well, you might be opening yourself up to some problems unless you install the update.
Apple said the threat may have been actively exploited, so it’s not just a potential threat, MacRumors noted.
The threat, which is patched by Apple’s latest OS updates, is listed under CVE-2021-1879 and was first detailed by Clement Lecigne and Billy Leonard of Google’s Threat Analysis Group.
It’s described as a powerful zero-day exploit that affects a wide range of Apple devices, including the iPhone 6s and later, all models of the iPad Pro, the Apple Watch Series 3 and later—essentially any late-model iPhone, iPad, Apple Watch, and iPod Touch.
According to Apple, “this update provides important security updates and is recommended for all users,” so if that’s not enough of a warning, I don’t know what is.