One week after seeding watchOS 7.6 to the public, Apple is now releasing watchOS 7.6.1. With this version, the company addresses an important security fix.

According to Apple’s security notes, watchOS 7.6.1 fixed an IOMobileFrameBuffer flaw that could have been actively exploited to execute arbitrary code with kernel privileges.

IOMobileFrameBuffer

Available for: Apple Watch Series 3 and later

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30807: an anonymous researcher

Three days ago, Apple also released iOS 14.7.1 and macOS Big Sur 11.5.1. All of these versions brought ‘important security updates’.

With iOS 14.7.1, Apple introduced a bug affecting the integration between iPhone and iPad, which Apple explained in a support document: 

When you have Unlock with iPhone turned on, unlocking your iPhone unlocks your Apple Watch as long as you’re wearing it. An issue in iOS 14.7 affects the ability of iPhone models with Touch ID to unlock Apple Watch.

Apple promised an update for this issue last week, and that is what has rolled out to iPhone users. Apple wrote in the release notes: 

iOS 14.7.1 fixes an issue where iPhone models with Touch ID cannot unlock a paired Apple Watch using the Unlock with iPhone feature. This update also provides important security updates and is recommended for all users.

For macOS Big Sur 11.5.1, it fixed an IOMobileFrameBuffer flaw that could have been actively exploited to execute arbitrary code with kernel privileges.

IOMobileFrameBuffer

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30807: an anonymous researcher

With watchOS 7.6 Apple brought the ECG app and irregular heart rhythm notifications to 30 additional countries and version 7.6.1 a security fix.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author