Apple fixes ninth zero-day vulnerability used in attacks against iPhones

Share post:

Apple confirmed in an advisory that it has fixed a zero-day vulnerability used in attacks against iPhones. The flaw marks the ninth zero-day bug Apple has fixed in 2022, although the tech giant says the vulnerability “may have been actively exploited.”

Despite confirmation that the vulnerability is being actively exploited, Apple has not yet released any information about the attacks. It is believed that the refusal to disclose details will allow Apple customers to patch their devices before more attackers develop additional exploits and use them in attacks.

The bug in question is an out-of-bounds write issue reported to Apple by an anonymous researcher, caused by software that writes data outside the limits of the current memory buffer.

Successful exploitation can lead to data corruption, application crashes or code execution due to undefined or unexpected results due to subsequent data written to the buffer.

Apple warned that the vulnerability could be exploited in attacks and used by potential attackers to execute arbitrary code with kernel privileges.

Affected are Apple devices from iPhone 8, iPad (all models), iPad Air from the 3rd generation and later, iPad from the 5th generation and later, and iPad mini from the 5th generation and later.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cloudflare Launches Open Source Tool for Secure, Keyless SSH Authentication

Cloudflare has released an open-source tool called OPKSSH (OpenPubkey SSH), which allows developers and IT teams to use...

US Defence Contractor Fined 4.6 Million For Failing To Meet Cyber Security Requirements.

A U.S. defence contractor, MORSE Corp, has agreed to pay $4.6 million to settle allegations of failing to...

Tech Aide on U.S. Government Efficiency Team Linked to Cybercrime Group

A 19-year-old staffer working on the U.S. Department of Government Efficiency (DOGE) initiative has been linked to a...

Top U.S. Security Officials Have Even More Data Exposed Through Public Apps, Chats, and Data Leaks

A new investigation has revealed that personal information belonging to senior U.S. security officials — including active phone...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways