By the time 14.5 is released, we'll all be vaccinated and mask wearing will be a thing of the past! Watch unlock is a great feature we could have used a year ago!
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases iOS and iPadOS 14.4.2 to Fix Actively Exploited Security Vulnerability
- Thread starter MacRumors
- Start date
- Sort by reaction score
Most people are anxious for 14.5 for the Apple Watch unlock feature instead of FaceID. The rest of what's in 14.5 I could care less about. Is this feature just too difficult to get right or is there other stuff keeping Apple from releasing 14.5? I'm not a developer so I have no clue what the hold-up is, but sure could use that one feature before I no longer need it.
If I had to guess...
I'd say new products are gonna be included support-wise in iOS 14.5 so, in order not to reveal them earlier, they will release iOS 14.5 with the announcement...
How long does it take other mobile OSs to get a vulnerability patched on 1 year old devices much less a 6 year old one? I'll take the walled garden with a few weeds any day over the alternative.
Just for Apple Watch unlock feature alone I think iOS 14.5 will never be ready. It does not work at all. My Apple Watch is unlocked, right next to iPhone, yet swiping up does nothing. My iPhone is NOT unlocked. I do wear a mask.
Granted, it could be my own issue. But if this single feature won’t work right, idk what do I need for iOS 14.5. That anti tracking thing at this point is just PR and does mostly nothing practically.
I was able to download the update over 5G. Make sure you have the toggle set to allow updates over cellular.
i have no idea, but if its not released then that it means it still needs fixing and thats a good thing
5G is a must? Trying to switch it on somehow on my 11 Pro but there doesn't seem to have anything there :/
5G isn't a must. I just keep mine on that all the time. You should have been able to update with LTE.
... watchOS and iOS are updated. However no news of similar update with macOS – either it is not affected or it’s a bit ”forgotten” in the bigger scheme of things. Note that tvOS doesn’t include a web browser or anything resembles that, so probably not affected.
Just updated and my iPhone 12 Pro Max prompted me to input my iCloud password in settings again. I entered the verified password (know it by heart) 4 times and it gave me a verification error 4 times.
(Unrelated: updated my Apple Watch to the 7.3.2 overnight and it erased two of my mailboxes. Even playing around with settings in the Watch app on iPhone could not get them back.)
Apple really needs to watch software quality control on its devices- sorry to say, but it is getting downright sloppy.
(Unrelated: updated my Apple Watch to the 7.3.2 overnight and it erased two of my mailboxes. Even playing around with settings in the Watch app on iPhone could not get them back.)
Apple really needs to watch software quality control on its devices- sorry to say, but it is getting downright sloppy.
And perhaps a simple quick fix was possible? Something that wouldn't mess up 14.5 rollout.
Come across a bit of a bug on this update I think. Flick right while on the on lock screen and none of the widgets seem to work, not sure if I’ve missed something here, anyone come across this?
Well, in this case, Safari means WebKit, which is actually a system level framework on iOS and macOS. WebKit is used by Safari, Mail, the UI for accessing WiFi networks that require accepting terms of use, AppStore, iTunes, a number of third party apps, probably other things I don’t even realize.
Presumably, the iTunes download uses a mechanism similar to hardware recovery mode to update the OS (which is probably what the iTunes download is meant to be used for, well, that and pushing updates to managed devices from a management server).
That’s browsers in general, browser security is really hard. Browsers have so much surface area to exploit because they’re the only part of the system that regularly runs untrusted code. In the case of this vulnerability, it’s a cross-site scripting (or XSS) vulnerability, which means that the malicious site doesn’t break out of Safari but can inject malicious code into other sites (think ”able to hijack your login on Facebook to spend a spam message or your login on your bank account to steal money”).
That’s because Google has a whole team whose only job is finding exploits in various companies’ software. That’s these two’s full time job, finding exploits in third party software and submitting bug reports.
It’s clear that so many of the people in this thread aren’t all that technical, so there’s a lot of misinformation in it. I hate to be rude, but people really need to learn to shut their mouths instead of sharing opinions on something they know nothing about (but yeah, Dunning-Kruger effect and all). It really annoys me, since I do software testing for a living.
Was searching for a detailed description on how this vulnerability works.
I was browsing on Safari this morning and then saw, that my screen was being recorded.
I tapped on the record icon several times to stop it (no reaction for 5 seconds) till this came up: screen recording failed to save due to 5822.
No screen recording was saved in Photos.
This was kinda weird, since I didn't initially started the screen recording. It could only have happened by accident.
(swipping thru control center)
Is something like this even possible via cross-site scripting or am i just paranoid.
Immediately updated to 14.4.2 atfer that 😂
Last edited:
I understand being worried. To the best of my knowledge, though, there’s not a way of triggering screen recording via a web API, though there are APIs for mic and camera access.Was searching for a detailed description on how this vulnerability works.
I was browsing on Safari this morning and then saw, that my screen was being recorded.
I tapped on the record icon several times to stop it (no reaction for 5 seconds) till this came up: screen recording failed to save due to 5822.
No screen recording was saved in Photos.
This was kinda weird, since I didn't initially started the screen recording. It could only have happened by accident.
(swipping thru control center)
Is something like this even possible via cross-site scripting or am i just paranoid.
Immediately updated to 14.4.2 atfer that 😂