Apple Confirms iOS 14.7 Fixes WiFi Bug and Many Other Vulnerabilities

[MacRumors]

Following the release of iPadOS 14.7 this morning, Apple has shared details on the security updates that are included in iOS 14.7, iPadOS 14.7, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7, all of which came out this week.

Notably, Apple's documentation confirms that the iOS 14.7 and iPadOS 14.7 updates address a WiFi-related vulnerability that could impact iOS devices when joining a malicious WiFi Network.

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Joining a malicious Wi-Fi network may result in a denial of service or arbitrary code execution

Description: This issue was addressed with improved checks.

Back in June, a wireless networking naming bug was discovered, which could disable an iPhone or iPad's WiFi functionality. Joining a network named "%p%s%s%s%s%n" could, in some cases, permanently disable WiFi on a device, and in many other cases, it required resetting an iPhone entirely.

During the beta testing process, it was discovered that the bug was no longer functional, and Apple's notes make it clear that the issue has been addressed.

The iOS and iPadOS 14.7 updates also address a number of other security vulnerabilities related to audio files, Find My, PDFs, web images, and more, so all iPhone and iPad users should update to the new iOS 14.7 updates as soon as possible.

There are also security fixes in macOS Big Sur 11.5, tvOS 14.7, and watchOS 7.6. For Mac users who run older versions of macOS, Apple has released security updates for macOS Catalina and macOS Mojave.

Article Link: Apple Confirms iOS 14.7 Fixes WiFi Bug and Many Other Vulnerabilities

 

[macsplusmacs]

Does this fix the Pegasus iMessage hole?

 

[vegetassj4]

Did they fix the screen wake issue on the Mac Mini's? (Thank goodness it only happens to me infrequently)

 

[dadiy]

all we need to know is have they patched the current Pegasus attack.

 

[ratspg]

all we need to know is have they patched the current Pegasus attack.

Lol no way they patched it.

 

[JosephAW]

Keep checking to see if they updated iOS 12

 

[bobtem]

Wait, Apple confirms that the fix fixes the thing they said it was going to fix?

 

[boswald]

I will do more research on my own, but I’d rather ask IT pros here first just in case I don’t understand what I’m reading. That said, is this Pegasus attack a hardware or software vulnerability?

 

[Freida]

DUDE! iOS!

Did they fix the screen wake issue on the Mac Mini's? (Thank goodness it only happens to me infrequently)

 

[OriginalMacRat]

My iPad Pro 12.9" 1st gen doesn't see this update... It says 14.6 is the current version.

 

[djc6]

Didn't fix the horrific battery life I've had on my iPhone 11 Pro since 14.6

Seems cellular related for me - if I turn off cellular and go Wi-Fi only, it can last two days!

 

[unobtainium]

There’s no 14.7 update for iPad yet.

 

[OriginalMacRat]

There’s no 14.7 update for iPad yet.

My iPad 6th gen updated to 14.7 last night.

 

[LV426]

There’s no 14.7 update for iPad yet.

There‘s no 14.7 update for your particular iPad on your particular network connected To your particular content delivery network.

Restart your iPad and try again. Or try again later.

 

[volfreak]

I will do more research on my own, but I’d rather ask IT pros here first just in case I don’t understand what I’m reading. That said, is this Pegasus attack a hardware or software vulnerability?

Since Pegasus is a fairly new thing, I'm pretty sure it's not fixed in this release. It's a SW vulnerability.

Pegasus - what to know

 

[svenning]

Didn't fix the horrific battery life I've had on my iPhone 11 Pro since 14.6

Seems cellular related for me - if I turn off cellular and go Wi-Fi only, it can last two days!

Same here. Also noticed that my phone gets really hot just by doing simple tasks as mail or webbrowsing. Used to have 30% when I went to bed, after 14.6 it’s been 10% before 6pm

 

[imlynxy]

…. and brings Apple Watch unlock problems. one way or the other

 

[katbel]

…. and brings Apple Watch unlock problems. one way or the other

Exactly why I'm waiting for the 14.7.1 for the iPhone , soon please!

 

[katbel]

There’s no 14.7 update for iPad yet.

Till today it didn't appear on mine as well but now it's available

 

[citysnaps]

Does this fix the Pegasus iMessage hole?

Was that mentioned in the story?

 

[macsplusmacs]

Was that mentioned in the story?

Vulnerabilities were.

 

[unobtainium]

Till today it didn't appear on mine as well but now it's available

Just had to restart to make it appear.

 

[LV426]

Does this fix the Pegasus iMessage hole?

No, it does not, since the particular attack vector is not known (and there may be multiple variants). It's suspected that security faults in iMessage are one obvious way into an iPhone.

You will notice that the large list of security fixes in this release include numerous references to font and image parsing vulnerabilities. Exactly the kinds of things that an attacker can send in an iMessage.

Apple are trying hard to fill in the cracks of iMessage. But it's worrying that iMessage is probably stuffed full of zero-day vulnerabilities. Professor Matthew Green of John Hopkins University goes so far as to say that iMessage probably needs to be completely rewritten from scratch using safe coding practises.

 

[Apleeseed84]

Happy to say this fixed the monumental Apple Music issues I was having!

 

[katbel]

Just had to restart to make it appear.

I think we couldn't see it because iPadOS 14.7 came out only today ?