The vulnerabilities include three for which exploits have already been seen in the wild.
Apple has released updates addressing 24 separate vulnerabilities in iOS 14.2 and iPadOS 14.2. The releases were part of a group of seven updates released on Nov. 5 covering products across all Apple hardware families.
Within the batch of vulnerabilities patched in these releases are three zero-day vulnerabilities — those for which an exploit was found in the wild before a patch was available. All three of these zero-days — CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 — exist in iOS 14.2, iPadOS 14.2, macOS Catalina, and watchOS 5.3.9. Two of the vulnerabilities would allow an attacker to execute arbitrary code on the vulnerable system; the third would allow a malicious application to disclose the contents of kernel memory.
Apple recommends that all users update their systems as soon as possible.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024