Security News > 2023 > October > Apple fixes iOS Kernel zero-day vulnerability on older iPhones
2023-10-12 16:40
Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks.
The first zero-day is a privilege escalation vulnerability caused by a weakness in the XNU kernel that can let local attackers elevate privileges on vulnerable iPhones and iPads.
Apple has now also fixed the issue in iOS 16.7.1 and iPadOS 16.7.1 with improved checks, but it has yet to reveal who discovered and reported the flaw.
Apple emergency update fixes new zero-day used to hack iPhones.
Apple backports BLASTPASS zero-day fix to older iPhones.
Apple opens 2024 applications to get 'security research' iPhones.
News URL
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- We call this kernel saunters: How Apple rearranged its XNU core with exclaves (source)
- Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)