Apple Patches Actively Exploited Zero-Day in iOS, MacOS

On Monday, Apple patched a zero-day flaw in both its iOS and macOS platforms that is being actively exploited in the wild and can allow attackers to take over an affected system.
Apple released three updates on Monday, iOS 14.7.1, iPadOS 14.7.1 and macOS Big Sur 11.5.1, to patch the vulnerability on each of the platforms.
Exploiting CVE-2021-30807 can allow threat actors "to execute arbitrary code with kernel privileges," Apple said in documentation describing the updates.
Apple addressed the issue in each of the updates with "improved memory handling," the company said.
Though Apple attributed the discovery of the bug to an "anonymous researcher," a security researcher at the Microsoft Security Response Center came forward separately on Monday and tweeted that he had discovered the vulnerability some time ago but hadn't yet found the time to report it to Apple.
As iPhone users update to fix yet another Apple zero-day, they also continue waiting for the company to patch a flaw that makes their devices easy prey for Pegasus spyware.
News URL
https://threatpost.com/apple-patches-actively-exploited-zero-day-in-ios-macos/168177/
Related news
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-19 | CVE-2021-30807 | Out-of-bounds Write vulnerability in Apple products: A memory corruption issue was addressed with improved memory handling. | 7.8 |