Security News > 2020 > November > Apple patches three actively exploited iOS zero-days
Apple has patched today three iOS zero-day vulnerabilities actively exploited in the wild and affecting iPhone, iPad, and iPod devices.
The zero-days were addressed by Apple earlier today, with the release of iOS 14.2, the mobile OS's latest stable version.
The third actively exploited bug is a kernel privilege escalation flaw caused by a type confusion issue that makes it possible for malicious applications to execute arbitrary code with kernel privileges.
Apple have fixed three issues reported by Project Zero that were being actively exploited in the wild.
The Project Zero researchers also disclosed an elevation of privileges zero-day in the Windows kernel exploited in the wild, affecting all versions between Windows 7 and Windows 10.
News URL
https://www.bleepingcomputer.com/news/security/apple-patches-three-actively-exploited-ios-zero-days/
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)