Apple Zero-Day Actively Exploited on iPhone 15

Without many details, Apple patches a vulnerability that has been exploited in the wild to execute code.

Dark Reading Staff, Dark Reading

December 14, 2022

1 Min Read
Image of iPhone 8
Source: STANCA SANDA via Alamy Stock Photo

The latest Apple security update includes a fix for an actively exploited security vulnerability that could allow arbitrary code execution on iPhone 8 and above. 

The bug, fixed with the iOS 16.1.2 update, is a type confusion issue in the WebKit browser engine. Type confusion occurs when a piece of code doesn't verify the type of object that is passed to it; in this case, it can be be triggered when processing specially crafted content, Apple noted in its advisory. 

As for the active exploitation, the mobile giant noted that it is "aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1."

Apple has been plagued by zero-day exploits over the past several months.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights