Quick Hits

Apple Patches 24 Vulnerabilities Across Product Lines

The vulnerabilities include three for which exploits have already been seen in the wild.

Apple has released updates addressing 24 separate vulnerabilities in iOS 14.2 and iPadOS 14.2. The releases were part of a group of seven updates released on Nov. 5 covering products across all Apple hardware families.

Related Content:

Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink'

The Changing Face of Threat Intelligence

New on The Edge: Bug Bounty Hunters' Pro Tips on Chasing Vulns & Money

Within the batch of vulnerabilities patched in these releases are three zero-day vulnerabilities — those for which an exploit was found in the wild before a patch was available. All three of these zero-days — CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 — exist in iOS 14.2, iPadOS 14.2, macOS Catalina, and watchOS 5.3.9. Two of the vulnerabilities would allow an attacker to execute arbitrary code on the vulnerable system; the third would allow a malicious application to disclose the contents of kernel memory.

Apple recommends that all users update their systems as soon as possible.

For more, read here and here.

Editors' Choice
Jai Vijayan, Contributing Writer, Dark Reading
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading