Apple today provided details about the security fixes included in last week’s iOS 17.4.1 and iPadOS 17.4.1 software updates for the iPhone and iPad.

In a support document, Apple said the updates patch an image-related security vulnerability that “may lead to arbitrary code execution.”


The full details:

“CoreMedia

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: Processing an image may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-1580: Nick Galloway of Google Project Zero

WebRTC

Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Impact: Processing an image may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-1580: Nick Galloway of Google Project Zero.”


To update your iPhone or iPad, open the Settings app and tap General → Software Update.

Apple said it has patched the same vulnerability in macOS 14.4.1 and visionOS 1.1.1 as well.


Popular Stories

Sources: iOS 18 Lets Apps Be Placed Anywhere on Home Screen Grid

iOS 18 will give iPhone users greater control over Home Screen app icon arrangement, according to sources familiar with the matter. While app icons will likely remain locked to an invisible grid system on…