Apple is urging users to update devices with the latest iOS 14.4 to fix three security vulnerabilities that ‘may have been actively exploited’ by hackers.

The tech giant released a statement on its Apple Support page that shows two bugs were identified in Webkit, the browser engine that powers Safari and one in the core operating system, Kernel.

The Kernel flaw was described as a ‘race condition’ that can allow malicious applications to elevate privileges, but the update fixes it with ‘improved locking.’

Photo by picjumbo.com from Pexels

Vulnerabilities in WebKit have been rectified with improved restrictions, but without the update hackers could remotely access devices ‘to cause arbitrary code execution,’ Apple states.

Apple rarely announces issues with its systems that could be used by bad actors in malicious activity, but the tech giant is open to receiving reports from others who find a security of privacy vulnerability.

The firm’s site shows an ‘anonymous researcher’ spotted the flaws codenamed ‘CVE-2021-1782,’ ‘CVE-2021-1871’ and ‘CVE-2021-1870.’

Along with fixing the bugs, iOS 14.4 includes other updates for keyboard lag and allows devices to read smaller QR codes.

Man Holding Laptop Computer With Both Hands
Photo by Saksham Choudhary from Pexels

Apple does pride itself on a security system, but that does not mean the technology is immune to problems.

In 2019, Google’s Project Zero found several vulnerabilities in iMessage, with some allowing hackers to send malicious codes via text that granted them access to the device when opened.

Other bugs leveraged a flaw in iOS memory and allowed attackers to hoover data from the phone onto a remote device.

Apple recently shared another warning regarding its iPhone 12, which notifies users with pacemakers not to bring their iPhone close to their breast.

Photo by Torsten Dettlaff from Pexels

The firm’s latest devices feature a technology called MagSafe, which uses in-built magnets to firmly attach accessories like wireless chargers and wallets to the back of the phones.

iPhone 12 devices, released in October last year, also contain components and radios that emit electromagnetic fields.

Apple confirmed the risk applies to all iPhone 12 models – iPhone 12, iPhone 12 mini, iPhone 12 Pro, iPhone 12 Pro Max – and the two MagSafe chargers, the MagSafe Charger and the foldable MagSafe Duo Charger.