Security News > 2022 > January > Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild
Apple on Wednesday released 13 patches for serious security bugs in macOS and 10 for flaws in iOS/iPadOS. They include fixes for two zero-day bugs, one of which may have been exploited by attackers in the wild.
The first zero-day is a memory-corruption issue that could be exploited by a malicious app to execute arbitrary code with kernel privileges.
The update is available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch.
"Often, these types of bugs are used with significant ill intent or by governments engaged in human-rights abuses," Bambenek said via email.
"Unfortunately, we will likely see more of these bugs as the year goes on."
iOS 15.3 also brought fixes for security issues that could lead to apps gaining root privileges, the ability to execute arbitrary code with kernel privileges, and the ability for apps to get at user files through iCloud.
News URL
https://threatpost.com/apple-zero-day-security-exploited/178040/
Related news
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Apple backports zero-day patches to older iPhones and Macs (source)