Security News > 2023 > October > Apple fixes iOS Kernel zero-day vulnerability on older iPhones
2023-10-12 16:40
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.
The first zero-day is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads.
Apple has now also fixed the issue in iOS 16.7.1 and iPadOS 16.7.1 with improved checks, but it has yet to reveal who discovered and reported the flaw.
Apple emergency update fixes new zero-day used to hack iPhones.
Apple backports BLASTPASS zero-day fix to older iPhones.
Apple opens 2024 applications to get 'security research' iPhones.
News URL
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Fraudsters imprisoned for scamming Apple out of 6,000 iPhones (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Apple Patches Two Zero-Day Attack Vectors (source)