Security News > 2020 > November > Apple patches three actively exploited iOS zero-days
Apple has patched today three iOS zero-day vulnerabilities actively exploited in the wild and affecting iPhone, iPad, and iPod devices.
The zero-days were addressed by Apple earlier today, with the release of iOS 14.2, the mobile OS's latest stable version.
The third actively exploited bug is a kernel privilege escalation flaw caused by a type confusion issue that makes it possible for malicious applications to execute arbitrary code with kernel privileges.
Apple have fixed three issues reported by Project Zero that were being actively exploited in the wild.
The Project Zero researchers also disclosed an elevation of privileges zero-day in the Windows kernel exploited in the wild, affecting all versions between Windows 7 and Windows 10.
News URL
https://www.bleepingcomputer.com/news/security/apple-patches-three-actively-exploited-ios-zero-days/
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)