Apple fixes another three iOS zero-days exploited in the wild

Apple fixes another three iOS zero-days exploited in the wild

Posted January 26, 2021

Apple fixes another three iOS zero-days exploited in the wild

  • Apple has released today security updates for iOS to patch three zero-day vulnerabilities that were exploited in the wild.
  • All three zero-days were reported to Apple by an anonymous researcher and patches are available as part of iOS 14.4.
  • Security experts believe the three bugs are part of an exploit chain where users are lured to a malicious site that takes advantage of the WebKit bug to run code that later escalates its privileges to run system-level code and compromise the OS.
  • However, official details about the attacks where these vulnerabilities were used were not made public, as is typical with most Apple zero-day disclosures these days.

– Catalin Cimpanu | January 26, 2021