Security News > 2023 > September > Apple emergency updates fix 3 new zero-days exploited in attacks
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year.
While Apple has yet to provide additional details regarding the flaws' exploitation in the wild, Citizen Lab and Google Threat Analysis Group security researchers have often disclosed zero-day bugs abused in targeted spyware attacks targeting high-risk individuals, including journalists, opposition politicians, and dissidents.
Citizen Lab disclosed two other zero-days, also fixed by Apple in emergency security updates earlier this month and abused as part of a zero-click exploit chain to infect fully patched iPhones with NSO Group's Pegasus commercial spyware.
Apple discloses 2 new zero-days exploited to attack iPhones, Macs.
Apple fixes new zero-day used in attacks against iPhones, Macs.
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks.
News URL
Related news
- Windows MSHTML zero-day used in malware attacks for over a year (source)
- Japanese space agency spotted zero-day attacks while cleaning up raid on M365 (source)
- Apple Is Alerting iPhone Users of Spyware Attacks (source)
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks (source)
- Google fixes Android kernel zero-day exploited in targeted attacks (source)
- Windows Update downgrade attack "unpatches" fully-updated systems (source)
- “Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days (source)
- Microsoft fixes 6 zero-days under active attack (source)
- Google fixes ninth Chrome zero-day exploited in attacks this year (source)
- Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited (source)