Apple Fixed Zero-day iPhone flaw with iOS1502 - Update Now

Apple Fixed Zero-day iPhone flaw with iOS1502 - Update Now

Are you an iPhone or iPad user? Then you should update your device now, there is a new zero-day vulnerability affecting iPhones and iPads, and Apple has just released an update to fix this issue and keep your device secure

Apple has not released details on how this vulnerability could be exploited in an attack, but it could be used to steal data or install malware Therefore, if your device asks you to update to iOS 1502 or iPadOS 1502, do so immediately

The CVE-2021-30883 vulnerability is a critical memory corruption bug inside IOMobileFrameBuffer that essentially allows apps to execute commands on vulnerable devices with kernel privileges

Kernel privileges allow any command to be executed on the device, allowing malicious actors to steal data from the device or install some malware

According to Apple, this vulnerability may be actively exploited in the attack, but details on how have not been disclosed This is a deliberate tactic, making it more difficult for other doers to figure out the exploit or reverse engineer the patch for their own benefit However, Apple has confirmed that improvements in memory handling have fixed the memory corruption problem

Of course, as Bleeping Computer points out, that doesn't stop security researcher Saar Amar from reverse engineering the patch to figure out what's going on If you are interested in the technical details of the exploit, we encourage you to read that article Once the device has been updated, that is

Affected devices include all iPad Pro, 7th generation iPod Touch, iPhone 6S and all subsequent models up to the new iPhone 13 series, iPad Air 2 and later models, iPad mini 4 and later models, and 5th generation iPad and all succeeding iPads This includes a very large number of devices, in some cases dating back to 2014

It is unclear if this exploit is widely used or involved in a specific targeted attack, but it is not worth looking into directly Go into the settings menu and install the software update immediately

Categories