watchOS 7.6.1 now available with patch for known security exploit

article thumbnail

Apple has released watchOS 7.6.1 with a security update that patches a known exploit that may have been actively used.

The new release patches an exploit that enabled apps to execute arbitrary code with kernel privileges. Apple says that it is aware of a report in which the issue could have been actively exploited.

The new update will automatically install overnight as long as the Apple Watch is connected to power. Users can manually install the update by opening the Watch app, selecting General, then Software Update to start the update process.

The exploit was reported using the code CVE-2021-30807 by an anonymous researcher. The details of the exploit have not been publicized by Apple nor the report database.

AppleInsider previously reported that watchOS 7.6.1 had released on Wednesday, July 28, due to release notes being available for the update. However, Apple didn't officially release the update until July 29.