The vulnerabilities include three for which exploits have already been seen in the wild.
Apple has released updates addressing 24 separate vulnerabilities in iOS 14.2 and iPadOS 14.2. The releases were part of a group of seven updates released on Nov. 5 covering products across all Apple hardware families.
Within the batch of vulnerabilities patched in these releases are three zero-day vulnerabilities — those for which an exploit was found in the wild before a patch was available. All three of these zero-days — CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 — exist in iOS 14.2, iPadOS 14.2, macOS Catalina, and watchOS 5.3.9. Two of the vulnerabilities would allow an attacker to execute arbitrary code on the vulnerable system; the third would allow a malicious application to disclose the contents of kernel memory.
Apple recommends that all users update their systems as soon as possible.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024