You can now find Cyber Kendra on Google News | Telegram

Apple Fix Actively Exploited Zero-day Bug in iOS and MacOS

The XNU vulnerability is the sixteenth zero-day vulnerability patched by Apple this year.

Apple has released fixes for a zero-day vulnerability in iOS and macOS, which, according to the Google security team, is already actively exploited by hackers.

The vulnerability, identified as CVE-2021-30869 , is present in the XNU kernel component on modern Apple operating systems. This is the sixteenth zero-day vulnerability patched by Apple this year. Now macOS and iOS also getting a huge number of zero-days as compare to the last couple of years.

As Shane Huntley, head of the Google Threat Analysis Group, explained, the vulnerability in XNU is one of two links in the exploit chain. Hackers use it, together with a known vulnerability in WebKit, to execute malicious code in the victim's browser and escalate its privileges in order to gain control over the attacked device.

Huntley said his team will provide more details on the attacks in 30 days so that users have time to update, as the likelihood of attacks will increase significantly after publication.

Security updates have been released for macOS Catalin and iOS 12.5.5, which means the vulnerability does not affect newer iOS versions such as iOS 14 and 15.

Apple also ported two patches for other zero-day vulnerabilities released on September 13, 2021. Originally targeted at iOS 14 (CVE-2021-30860 and CVE-2021-30858), fixes are now also available for older iPhones running iOS 12.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.