Apple
patches three actively exploited zero‑day flaws in iOS
The vulnerabilities, which
are all being abused for targeted attacks, affect a long list of devices
Amer Owaida
Just days after Google disclosed an
actively-exploited bug in Windows and discovered and squashed two zero-day
bugs in its Chrome web browser, Apple has
released patches of its own to fix three zero-day vulnerabilities under active
attacks. The trio of flaws, affecting a broad range of Apple’s products, also
happened to be unearthed by the bug-hunting crew of the Alphabet-owned company.
“Apple is aware of reports that an exploit for this
issue exists in the wild,” reads the company’s security bulletin describing
each of the three flaws. They’re being patched along with a number of other
security bugs as part of the release of iOS and iPadOS 14.2.
The list of devices impacted by the zero days
includes iPhone 6s and later, iPod touch 7th generation, iPad Air 2 and later,
and iPad mini 4 and later.
The Cupertino tech giant also issued security
updates for the vulnerabilities across a range of its other products, including
the Apple Watch with watchOS 5.3.9, 6.2.9, and 7.1, a supplemental update for its Mac products with
macOS Catalina 10.15.7, as well as
a fix for older devices running iOS 12.4.9.
Complete article: https://www.welivesecurity.com/2020/11/06/apple-plugs-three-zero-day-holes-ios/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29
