- Apple has released today security updates for iOS to patch three zero-day vulnerabilities that were exploited in the wild.
- All three zero-days were reported to Apple by an anonymous researcher and patches are available as part of iOS 14.4.
- Security experts believe the three bugs are part of an exploit chain where users are lured to a malicious site that takes advantage of the WebKit bug to run code that later escalates its privileges to run system-level code and compromise the OS.
- However, official details about the attacks where these vulnerabilities were used were not made public, as is typical with most Apple zero-day disclosures these days.
– Catalin Cimpanu | January 26, 2021