Apple Fixes Numerous Zero-Day iOS Flaws | Avast

David Strom 6 Nov 2020

Update now to 14.2 to protect your iOS and iPadOS devices from new, previously unknown vulnerabilities

Researchers at Google’s Project Zero have found a series of remote execution, memory leak, and kernel privilege escalation bugs in both iOS and iPadOS. Users who are running older OS versions should update their devices to 14.2 as soon as possible.

The bugs aren’t election-oriented and were discovered last month. The issue is that font and audio files can be crafted by attackers to contain malicious code. Apple issued this support bulletin here. The updates to the OS’s also address numerous other bugs not related to the zero day exploits. 

The reason for the concern -- and hence this blog post -- is that the zero days are being actively exploited. Ars Technica has more details. Be sure to update your devices as soon as possible. 

To learn more about Mac security, see our Essential Guide to Mac Security

--> -->