Apple Issues iOS Patches for Three Zero-Days Exploited in the Wild
Other news for 1/27/21: Fix issued for privilege escalation vulnerability in Sudo, Four more vendors admit to SolarWinds infection, Flaw in TikTok gave access to users' phone numbers and more
Take a minute to sign up for a premium subscription to Metacurity. Lots of goodies on the way for our premium customers, who have exclusive access to the archives too.
Apple issued security updates for iOS to patch three zero-day vulnerabilities exploited in the wild, all of which were reported to Apple by an anonymous security researcher.
One zero-day impacts the iOS operating system kernel (CVE-2021-1782) and is described as a race condition that could give attackers privilege escalation. The other two flaws were discovered in the WebKit browser engine (CVE-2021-1870 and CVE-2021-1871). They were described as "logic issues" that could allow remote attackers to execute their own malicious code inside users' Safari browsers. (Catalin Cimpanu / ZDNet)
Related: Security News | Tech Times, Business Standard, SiliconANGLE, IT Pro, The Hacker News, iMore, Business Insider, 9to5 Mac, TechCrunch, Cyber Kendra, CNN.com, CTVNews.ca, The Sun, CNN.com, News.com.au, Pocketnow
A now-fixed Sudo vulne…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.