Security News > 2021 > May > Apple products hit by fourfecta of zero-day exploits – patch now!
Unlike vendors such as Microsoft, Google Android and Mozilla, security updates emerge from Cupertino HQ whenever Apple thinks the time is right.
For the protection of our customers, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available.
As we've said before, Apple rarely deviates from this stony-faced silence, which can be annoying when there's a security problem in Apple's code that is commonly known and already being discussed widely, yet the company still won't say whether it's working on a fix at all.
From this, you might have inferred that the security hole was introduced to Apple's codebase after iOS 12 came out, and therefore didn't apply to the older iOS 12 version at all.
Any Apple device that supported iOS 13 when it came out must now be upgraded to iOS 14.5.1 in order to be up to date with security fixes.
That's because iOS 14 replaced iOS 13, which is no longer supported at all and therefore dangerously far behind on security updates.
News URL
Related news
- Apple backports zero-day patches to older iPhones and Macs (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)