Last week, Apple released iOS 17.4.1 with rather vague release notes claiming to include important bug fixes and security patches. Now, two days later, the company has not yet added any specifics. This is unusual for Apple, which typically lists important security patches hours after a release, and suggests that the ones in iOS 17.4.1 could be significant or something else entirely…
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.
The update comes two weeks after the release of iOS 17.4, which brought major changes to the iPhone in the European Union, mostly around the App Store, with support for alternative app marketplaces.
The release notes for iOS 17.4.1 simply say, “This update provides important bug fixes and security updates and is recommended for all users,” with a message to visit an Apple support page for additional information. The page, however, notes that details on the update are still “coming soon.”
Apple recommends for all users
This is not a coincidence. And could mean several things.
It’s possible Apple doesn’t want to disclose details about the iOS 17.4.1 security patches before the company has concluded its own investigation, which could point to something more significant. The update we received may have been a fix to prevent further exploitation.
“For the protection of our customers, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available,” Apple states on its security releases page.
Another possibility, which I think is most likely the reason, is that Apple is currently working on patching the same vulnerabilities on the Mac as well as the Apple Watch. With this new iOS release, we got the same security updates to iPadOS and visionOS, but not macOS or watchOS. Mac (and Apple Watch) users could still be at risk, and disclosing details about known CVEs in other products could leave a hole in Apple’s security posture.
Regardless, users should update their devices immediately.
The new security update is available on the following supported devices:
- iPhone XS and later
- iPad Pro 12.9-inch 2nd generation and later
- iPad Pro 10.5-inch
- iPad Pro 11-inch 1st generation and later
- iPad Air 3rd generation and later
- iPad 6th generation and later
- iPad mini 5th generation and later
- Apple Vision Pro
I’ll update this post as we learn more.
ICYMI: Security headlines
FTC: We use income earning auto affiliate links. More.
