Apple Stops Code Signing for iOS 14.7

Apple Stops Code Signing iOS 14.7

The iOS 14.7.1 update came out a little over a week ago and fixes a zero-day vulnerability.

Apple stopped code signing for iOS 14.7 this week following the release of iOS 14.7.1 in July.

The iOS 14.7.1 update was released a little over a week ago and fixes a vulnerability that could have been exploited by hackers. The release also includes a patch for the problem with unlocking Apple Watch via iPhone with Touch ID.

The vulnerability fixed in the update ( CVE-2021-30807 ) affects IOMobileFramebuffer – a kernel extension that allows developers to control how device memory supports a framebuffer (a memory area for short-term storage of one or more frames in digital form before sending it to the device).

According to Apple, hackers have already exploited this vulnerability in cyberattacks. CVE-2021-30807 is the thirteenth zero-day vulnerability patched by the company this year.

Since Apple stopped code signing for iOS 14.7, users who have updated their devices to iOS 14.7.1 will no longer be able to rollback to iOS 14.7.

It is a common practice for Apple to stop signing legacy code after a new iOS build is released. This is done to protect users from attackers who want to cash in on newly discovered vulnerabilities. Blocking users from downloading legacy code allows Apple to keep more devices running the latest software.

Catch up on more stories here

Follow us on Facebook here

Leave a Reply