Security News > 2021 > March > Apple fixes a iOS zero-day vulnerability actively used in attacks
Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices.
The zero-days were addressed by Apple earlier today by improving the management of object lifetimes in iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3.
"This update provides important security updates and is recommended for all users," Apple tells users who update to the latest iOS version.
Apple patched two other sets of exploited in the wild iOS zero-days in January 2021 and November 2020, reported by an anonymous researcher and Project Zero, Google's 0day bug-hunting team.
In November, Apple patched three other iOS zero-days-a remote code execution bug, a kernel memory leak, and a kernel privilege escalation flaw-affecting iPhone, iPad, and iPod devices.
Project Zero recently revealed that a group of hackers used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year.
News URL
Related news
- Versa fixes Director zero-day vulnerability exploited in attacks (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus (source)
- Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)