Security News > 2022 > January > Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild
Apple on Wednesday released 13 patches for serious security bugs in macOS and 10 for flaws in iOS/iPadOS. They include fixes for two zero-day bugs, one of which may have been exploited by attackers in the wild.
The first zero-day is a memory-corruption issue that could be exploited by a malicious app to execute arbitrary code with kernel privileges.
The update is available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch.
"Often, these types of bugs are used with significant ill intent or by governments engaged in human-rights abuses," Bambenek said via email.
"Unfortunately, we will likely see more of these bugs as the year goes on."
iOS 15.3 also brought fixes for security issues that could lead to apps gaining root privileges, the ability to execute arbitrary code with kernel privileges, and the ability for apps to get at user files through iCloud.
News URL
https://threatpost.com/apple-zero-day-security-exploited/178040/
Related news
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)