The flaws are also present in older devices, including earlier generations of iPhones and iPods.
Three exploited zero-day security vulnerabilities were patched via an iOS 12.5.5 update from Apple in recent days. The discovery of the XNU kernel vulnerability was attributed to Google researchers, who likely found the flaw due to the effects it has on the WebKit browser engine. According to ThreatPost, the issue affects iPhones 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2 & 3, 6th gen iPod touch, and macOS Catalina.
Another vulnerability patched in the update affects WebKit on older devices. Apple’s advisory states that CVE-2021-30858 allows an attacker to process malicious web content that could lead to arbitrary code execution.
News of these vulnerabilities comes after Apple’s release of an incomplete patch for a zero-day in its macOS Finder system. The patch has yet to fix the issue, in which a remote hacker could trick users into running arbitrary commands remotely.
While the tech giant does its best to stay on top of things, patches only work when users update their devices as soon as possible. Smartphones and computers need to be updated when fixes for these issues become available, so as not to put your data at further risk.
Make sure to update your hardware and software on a regular basis. Corporate and personal data are left open to attack otherwise.
← Click on the image to learn some tips and tricks to increase your cybersecurity awareness