Security News > 2021 > July > Apple Patches 'Actively Exploited' Mac, iOS Security Flaw

Apple Patches 'Actively Exploited' Mac, iOS Security Flaw
2021-07-26 19:36

Apple on Monday released a major security update with fixes for a security defect the company says "May have been actively exploited" to plant malware on macOS and iOS devices.

Instead, a line in Apple advisory simply reads: "Apple is aware of a report that this issue may have been actively exploited."

The newly patched vulnerability - CVE-2021-30807 - was reported anonymously to Apple and is described as a memory corruption flaw that could be exploited to launch code execution attacks with kernel privileges.

The newest patch comes less than a week after Apple shipped iOS 14.7 with fixes for a wide range of security issues.

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series.

Ryan has built security engagement programs at major global brands, including Intel Corp., Bishop Fox and Kaspersky GReAT. He is a co-founder of Threatpost and the global SAS conference series.


News URL

http://feedproxy.google.com/~r/securityweek/~3/9mvQJ1bgMRg/apple-patches-actively-exploited-mac-ios-security-flaw

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-30807 Out-of-bounds Write vulnerability in Apple products
A memory corruption issue was addressed with improved memory handling.
local
low complexity
apple CWE-787
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349