Security News > 2022 > December > Apple Patches iPhone Zero-Day
The most recent iPhone update-to version 16.1.2-patches a zero-day vulnerability that "May have been actively exploited against versions of iOS released before iOS 15.1.".
Apple said security researchers at Google's Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug.
WebKit bugs are often exploited when a person visits a malicious domain in their browser.
It's not uncommon for bad actors to find vulnerabilities that target WebKit as a way to break into the device's operating system and the user's private data.
WebKit bugs can be "Chained" to other vulnerabilities to break through multiple layers of a device's defenses.
News URL
https://www.schneier.com/blog/archives/2022/12/apple-patches-iphone-zero-day.html
Related news
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon (source)
- Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers (source)