Security News > 2020 > November > Apple Patches Three Actively Exploited Vulnerabilities
Apple on Thursday released patches for tens of vulnerabilities across its products, including three flaws that are actively exploited in attacks.
The three vulnerabilities were discovered by Google Project Zero researchers and could lead to remote code execution, leak of kernel memory, and escalation of privilege to kernel level, respectively, Project Zero technical lead Ben Hawkes says.
The release of iOS 14.2 and iPadOS 14.2 addresses all three flaws, as well as twenty other vulnerabilities that affect components such as Audio, CallKit, CoreAudio, Foundation, ImageIO, Kernel, libxml2, Model I/O, and WebKit, among others.
The Center for Internet Security's Multi-Stage Information Sharing & Analysis Center notes in an emailed advisory that all three vulnerabilities pose a high risk to both government and business organizations, regardless of their size.
The three actively exploited vulnerabilities were also addressed with the release of updates for macOS Catalina 10.15.7, as well as in watchOS 5.3.9, watchOS 6.2.9, and watchOS 7.1.