Apple has released patches for three iOS zero-day vulnerabilities that were exploited in the wild, and reported by an anonymous researcher.
One exploit affects the iOS operating system (OS) kernel, and was described as a race condition bug that permits hackers to elevate privileges for their attack code.
The other two flaws were found in the WebKit browser engine, and characterized as logic issues that could enable remote attackers to execute malware inside users' Safari browsers.
Security experts think the zero-days are part of an exploit chain in which users are drawn to a malicious site that exploits the WebKit bug to run code that later escalates its privileges to run system-level code and compromise the OS.
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA