Security News > 2023 > October > Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.
The first zero-day is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads.
Apple has now also fixed the issue in iOS 16.7.1 and iPadOS 16.7.1 with improved checks, but it has yet to reveal who discovered and reported the flaw.
Apple emergency update fixes new zero-day used to hack iPhones.
Apple backports BLASTPASS zero-day fix to older iPhones.
Apple opens 2024 applications to get 'security research' iPhones.
News URL
Related news
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)