Apple fixes ninth zero-day vulnerability used in attacks against iPhones

Share post:

Apple confirmed in an advisory that it has fixed a zero-day vulnerability used in attacks against iPhones. The flaw marks the ninth zero-day bug Apple has fixed in 2022, although the tech giant says the vulnerability “may have been actively exploited.”

Despite confirmation that the vulnerability is being actively exploited, Apple has not yet released any information about the attacks. It is believed that the refusal to disclose details will allow Apple customers to patch their devices before more attackers develop additional exploits and use them in attacks.

The bug in question is an out-of-bounds write issue reported to Apple by an anonymous researcher, caused by software that writes data outside the limits of the current memory buffer.

Successful exploitation can lead to data corruption, application crashes or code execution due to undefined or unexpected results due to subsequent data written to the buffer.

Apple warned that the vulnerability could be exploited in attacks and used by potential attackers to execute arbitrary code with kernel privileges.

Affected are Apple devices from iPhone 8, iPad (all models), iPad Air from the 3rd generation and later, iPad from the 5th generation and later, and iPad mini from the 5th generation and later.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Hertz Data Breach Exposes Customer Information via Supply Chain Hack

Hertz has disclosed a data breach resulting from a cyberattack on its vendor, Cleo Communications, which compromised sensitive...

Google’s New Security Feature – Automatic Reboot

Google is introducing a new security feature in its latest Android update that will automatically reboot phones and...

Cybersecurity Firm Prodaft Buys Hacker Forum Accounts to Monitor Cybercriminal Activity

Swiss cybersecurity company Prodaft has initiated a program to purchase verified and aged accounts on hacking forums, aiming...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways