Security News > 2021 > October > Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks
Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads.
While Apple has not provided any details on how this vulnerability was used in attacks, they state that there are reports of it being actively used in attacks.
Apple purposely keeps vulnerability reports vague to make sure the update is applied to as many devices as possible before other threat actors can learn the details or reverse engineer the patch to create their own exploits.
While it is possible that the vulnerability is used in targeted attacks and is not widely used, it is strongly advised to install the update as soon as possible due to its severity.
Two zero-days earlier this month, one of them used also used to install Pegasus spyware on iPhones,.
Two iOS zero-day bugs in June that "May have been actively exploited" to hack into older iPhone, iPad, and iPod devices.
News URL
Related news
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Patches Two Zero-Day Attack Vectors (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)