Security News > 2021 > October > Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks
Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads.
While Apple has not provided any details on how this vulnerability was used in attacks, they state that there are reports of it being actively used in attacks.
Apple purposely keeps vulnerability reports vague to make sure the update is applied to as many devices as possible before other threat actors can learn the details or reverse engineer the patch to create their own exploits.
While it is possible that the vulnerability is used in targeted attacks and is not widely used, it is strongly advised to install the update as soon as possible due to its severity.
Two zero-days earlier this month, one of them used also used to install Pegasus spyware on iPhones,.
Two iOS zero-day bugs in June that "May have been actively exploited" to hack into older iPhone, iPad, and iPod devices.
News URL
Related news
- Apple fixes two new iOS zero-days exploited in attacks on iPhones (source)
- Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) (source)
- Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws (source)
- Apple's trademark tight lips extend to new iPhone, iPad zero-days (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- New GoFetch attack on Apple Silicon CPUs can steal crypto keys (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks (source)
- Apple: Mercenary spyware attacks target iPhone users in 92 countries (source)
- Apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware' (source)