October 2, 2023

Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices.

The vulnerability tracked as CVE-2021-1879 tracked by Google Threat Analysis group. The zero-day was discovered in the Webkit browser engine and allows attackers to launch universal cross-site scripting attacks after tricking targets into opening maliciously crafted web content on their devices.

The list of affected devices includes: iPhone, iPad, Apple watches, iPods.The zero-days were addressed by Apple earlier today by improving the management of object lifetimes in iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3.

Apple patched two other sets of exploited in the wild iOS zero-days in January 2021 and November 2020, reported by an anonymous researcher and Project Zero, Google’s 0day bug-hunting team.

In January, the company fixed a race condition bug in the iOS kernel (tracked as CVE-2021-1782) and two WebKit flaws (tracked as CVE-2021-1870 and CVE-2021-1871).

Apple patched three other iOS zero-days. A remote code execution bug (CVE-2020-27930), a kernel memory leak (CVE-2020-27950), and a kernel privilege escalation flaw (CVE-2020-27932)—affecting iPhone, iPad, and iPod devices last year November

Tags:

Leave a Reply

Related Post

Clubhouse data leak

July 26, 2021

Android Apps Stealing FB Passwords

July 4, 2021

You may have missed

McLaren Healthcare suffers a Ransomware Incident

October 2, 2023

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – September, 2023

October 2, 2023

TheCyberThrone Security Week In Review – September 30, 2023

October 1, 2023

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

September 30, 2023

CISA KEV Update Part III – September 2023

September 30, 2023

Exim Mail Transfer Server Vulnerabilities

September 30, 2023
%d bloggers like this: