Security News > 2021 > March > Apple fixes a iOS zero-day vulnerability actively used in attacks
Apple has released security updates to address an iOS zero-day bug actively exploited in the wild and affecting iPhone, iPad, iPod, and Apple Watch devices.
The zero-days were addressed by Apple earlier today by improving the management of object lifetimes in iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3.
"This update provides important security updates and is recommended for all users," Apple tells users who update to the latest iOS version.
Apple patched two other sets of exploited in the wild iOS zero-days in January 2021 and November 2020, reported by an anonymous researcher and Project Zero, Google's 0day bug-hunting team.
In November, Apple patched three other iOS zero-days-a remote code execution bug, a kernel memory leak, and a kernel privilege escalation flaw-affecting iPhone, iPad, and iPod devices.
Project Zero recently revealed that a group of hackers used 11 zero-days in attacks targeting Windows, iOS, and Android users within a single year.
News URL
Related news
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Zero-Day Vulnerability in Ivanti VPN (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)