Apple has released security updates to fix vulnerabilities in iOS 14.3, macOS Big Sur 11.1 and other products.
A hacker could exploit some of these vulnerabilities to take control of affected devices.
iOS and iPadOS 14.3
The latest iOS 14.3 and iPadOS 14.3 security update addresses 11 vulnerabilities on December 14, 2020.
The vulnerabilities impact iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later and iPod touch (7th generation).
Google’s Project Zero discovered 2 FontParser vulnerabilities (CVE-2020-27943 and CVE-2020-27944) that could lead to arbitrary code execution.
Another notable fix addressed an unauthorized code execution security vulnerability CVE-2020-27951 that could lead to an authentication policy violation.
macOS updates
Apple released macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave also on December 14 that addresses a whopping 59 vulnerabilities.
Nearly 20 of those fixes address vulnerabilities that could result in arbitrary code execution in Audio, CoreAudio, CoreText, FontParser, Image Processing, ImageIO, libxml2, Model I/O and WebRTC.
The update is available for macOS Big Sur 11.0.1, macOS Catalina 10.15.7 and macOS Mojave 10.14.6.
watchOS 7.2
The latest Apple Watch 7.2 security update addresses 10 vulnerabilities that impact Apple Watch Series 3 and later models.
Safari 14.0.2
The Safari 14.0.2 update addresses just one vulnerability CVE-2020-15969 that could lead to arbitrary code execution.
The update is available for macOS Catalina and macOS Mojave.
Other updates
Apple also published security updates for the following additional Apple products:
- iOS 12.5 (multiple older iPhone and iPad models)
- macOS Server 5.11 (macOS Big Sur)
- tvOS 14.3 (Apple TV 4K and Apple TV HD)
- watchOS 6.3 (Apple Watch Series 1 and Apple Watch Series 2).
Readers may also remember Apple previously addressed multiple vulnerabilities exploited in the wild last month that affected iOS, macOS and watchOS.
Check out the Apple Security Updates page for all the latest updates.