One week after seeding watchOS 7.6 to the public, Apple is now releasing watchOS 7.6.1. With this version, the company addresses an important security fix.
According to Apple’s security notes, watchOS 7.6.1 fixed an IOMobileFrameBuffer flaw that could have been actively exploited to execute arbitrary code with kernel privileges.
Three days ago, Apple also released iOS 14.7.1 and macOS Big Sur 11.5.1. All of these versions brought ‘important security updates’.
IOMobileFrameBuffer
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30807: an anonymous researcher
With iOS 14.7.1, Apple introduced a bug affecting the integration between iPhone and iPad, which Apple explained in a support document:
Apple promised an update for this issue last week, and that is what has rolled out to iPhone users. Apple wrote in the release notes:
When you have Unlock with iPhone turned on, unlocking your iPhone unlocks your Apple Watch as long as you’re wearing it. An issue in iOS 14.7 affects the ability of iPhone models with Touch ID to unlock Apple Watch.
For macOS Big Sur 11.5.1, it fixed an IOMobileFrameBuffer flaw that could have been actively exploited to execute arbitrary code with kernel privileges.
iOS 14.7.1 fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the Unlock with iPhone feature. This update also provides important security updates and is recommended for all users.
With watchOS 7.6 Apple brought the ECG app and irregular heart rhythm notifications to 30 additional countries and version 7.6.1 a security fix.
Available for: macOS Big Sur
