Articles Apple 0-day bug for iOS, iPadOS and macOS has...

Apple 0-day bug for iOS, iPadOS and macOS has been fixed

-

Apple developers have released patches for iOS, iPadOS and macOS that address a zero-day vulnerability that the company says is already being exploited for attacks. The company has not yet disclosed any details about these attacks.

The issue was discovered by an anonymous researcher, identified as  CVE-2021-30807, and is related to the IOMobileFramebuffer kernel extension, which allows developers to control how device memory interacts with the framebuffer. According to the developers, CVE-2021-30807 can be used to execute arbitrary code with kernel privileges on a vulnerable device.

The vulnerability is known to affect all Macs, iPhone 6s and later, all iPad Pros, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

The cybersecurity researcher has already posted a PoC exploit for this problem on Twitter, and another researcher claims to have recently discovered the same error independently of Apple and released a detailed description of the  problem, which he said he was just preparing to report to the manufacturer.

Apple recommends that users update to macOS Big Sur 11.5.1, iOS 14.7.1, and iPadOS 14.7.1 as soon as possible, which were released to address the vulnerability.

CVE-2021-30807 is the thirteenth 0-day vulnerability patched by Apple in 2021.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you