Security News > 2020 > December > Apple Patches Code Execution Flaws in iOS and iPadOS
Apple on Monday released a major point-upgrade to its flagship iOS and iPadOS mobile operating systems to patch a handful of serious security vulnerabilities.
The iOS 14.3 and iPadOS 14.3 release will provide cover for 11 documented security flaws, some serious enough to expose iPhones and iPads to code execution attacks.
Apple patched two separate memory corruption issues in the way input is validated in certain font files and warned that a successful exploit "May lead to arbitrary code execution."
Apple said it improved input validation to fix the ImageIO bugs, which allow code execution via booby-trapped images.
The iOS and iPadOS patches also cover a logic error in App Store that may cause an enterprise application installation prompt to display the wrong domain; and a fix for a CoreAudio issue that could cause code execution via maliciously crafted audio files.
News URL
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days (source)
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)