Public iOS 17.4.1 Packs in These Important Security Fixes

iPhone 13 Pro with notification software update on settings app iOS 15.5 on the screen, new operating system 2022 on iPhone apple devices for download updates : Bangkok, Thailand May 29 2022
Text Size
- +

Toggle Dark Mode

Last week, Apple quietly released iOS 17.4.1, a typically minor sub-point-release update of the form that rarely includes much more than bug fixes and performance updates. However, as unexciting as these updates usually are in terms of new features, there’s still a very important reason to install them as soon as possible: security.

Once in a while, a minor release like this offers nothing other than some minor bug fixes. However, it’s much more common that these updates patch critical security flaws that Apple has discovered since the last major release. iOS 17.4.1 is no exception in this regard.

While all the exciting stuff was in iOS 17.4 — including some critical security patches — Apple has found a couple of others that were serious enough for it to not only push out iOS 17.4.1 but also release an iOS 16.7.7 update for the iPhone X, iPhone 8, and iPhone 8 Plus, which can’t be updated to iOS 17.

According to Apple’s security release notes for iOS 17.4.1 (and 16.7.7), these include patching a vulnerability in CoreMedia and WebRTC that could cause things hidden in image files to “lead to arbitrary code execution.” Nick Galloway of Google’s Project Zero is credited with discovering both of these security holes.

The good news is that, unlike two of the security problems fixed in iOS 17.4, there’s no indication that either of these has been actively exploited by cybercriminals or other bad actors. However, that doesn’t mean they won’t be.

In fact, that’s the most dangerous thing about not updating to a new version of iOS as soon as it’s released. While iOS 17.4 had these security vulnerabilities all along, very few people actually knew about them. Now, thanks to Apple’s release notes, everyone does, including scammers, hackers, and crooks who will try to find ways to use them to wreak havoc on your iPhone — and possibly, your personal life.

This alone is why it’s never a good idea to stay behind on older versions of iOS—or any operating system, for that matter. In the name of transparency, Apple has to disclose these security issues as soon as they’re patched, and there’s no way Apple can ensure only the “good guys” know about them. Studies have shown that most cyberattacks target older software versions with known — and published — vulnerabilities.

Other Security Updates and Fixes

The iOS 17.4.1 release is also accompanied by an iPadOS 17.4.1 update (and iPadOS 16.7.7 for older devices) that addresses the same issues on that side.

Apple also released macOS Sonoma 14.4.1 and macOS Ventura 13.6.6 earlier today to patch the same issues on the Mac, plus visionOS 1.1.1 last week for Apple Vision Pro owners.

The release notes for macOS Sonoma 14.4.1 also include a fix for the USB monitor hub problem that we reported on last week, noting that “USB hubs connected to external displays may not be recognized.” There are also fixes for professional music apps that rely on copy-protected audio unit plug-ins and other apps that include Java in them.

However, there’s no indication yet if macOS 14.4.1 fixes the printing problems some were reporting, particularly with HP printers or the file versioning issue with iCloud Drive.

Social Sharing