Apple Patches 3 More Zero-Days Under Active Attack

Threat Post -

One of the bugs, which affects as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges.

Apple has patched three actively exploited zero-day in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges.

Apple released two updates on Thursday: iOS 12.5.5, which patches three that affect older versions of iPhone and iPod devices, and Security Update -006 Catalina for macOS Catalina, which patches one of same vulnerabilities, CVE-2021-30869, that also affects macOS.

The XNU kernel — the discovery of which was attributed to Google researchers Erye Hernandez and Clemente Lecigne of Google Threat Group and Ian Beer of Google Project Zero — is a type-confusion issue that Apple addressed with “improved state handling,” according to its advisory.

“A malicious application may be able to execute arbitrary code with kernel privileges,” the company said. “Apple is aware of reports that an exploit for this issue exists in the wild.”

The flaw also affects the WebKit engine, which is likely why it caught the attention of the Google researchers. The issue affects macOS Catalina

Read More: https://threatpost.com/apple-patches-zero-days-attack/174988/