It has only been a week since Apple Inc. released a set of OS updates addressing nearly three dozen bugs. The California-headquartered tech giant, once again, patched a zero-day impacting iOS, iPadOS, and macOS.

The storyline

An unnamed researcher reported the new flaw that could be exploited to run malicious code on the affected device.
  • Dubbed CVE-2021-30807, the bug resided in the iGiant's IOMobileFrameBuffer code, which is a kernel extension for managing the screen frame buffer.
  • It also stated it is aware of an incident with possible exploitation of the flaw. 

More details

  • Apple released iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1 updates.
  • The iOS 14.7.1 update also addresses a bug that was initially unlocking Apple Watch upon unlocking an iPhone, provided Unlock with iPhone is turned on.
  • The macOS update resolves a bunch of security and performance issues, along with other fixes.

Recent threat around Apple 

  • According to Apple, NSO’s spyware Pegasus exploited a flaw in iMessage, even on devices running iOS 14.6.
  • XCSSET malware was updated by actors to steal critical data from the applications saved in sandbox directories of macOS.
  • In addition to this, tens of security holes were addressed in iOS and iPadOS, including a flaw that could let hackers crash the Wi-Fi functionality of vulnerable devices.
  • A report from a group of media outlets and Amnesty International revealed that iPhones aren’t as secure as the firm claims them to be.

Bottom line

Attacks against Apple products have grabbed headlines in recent months. After the Pegasus row, Apple released a slew of updates and urged users to install the patches at the earliest.

Cyware Publisher