Apple says these are “important” security updates and are “recommended for all users.”
These patches fix the same vulnerability — a memory corruption bug in WebKit, the engine that powers Apple’s Safari browser. The bug can be triggered by visiting a malicious web page containing code that can exploit the vulnerability. Once exploited, an attacker can run malicious code on the affected Apple device.
The bugs were reported by Google and Microsoft, but are not believed to be actively exploited by malicious hackers unlike recent security flaws.
Last month, Apple pushed out iOS 14.4 to fix three WebKit vulnerabilities that were being “actively exploited.” The vulnerabilities were chained together to break into the underlying iPhone software.