Apple has released an update to fix yet another zero-day vulnerability in iOS that the company is warning might already be under attack from hackers.
According to Apple, the flaw can be used by an application to ‘execute arbitrary code with kernel privileges’. That means a hacker-controlled iOS app could use the vulnerability to take remote control of an iPhone since the kernel controls the core of the operating system.
‘Apple is aware of a report that this issue may have been actively exploited,’ says Apple. IPhones versions as far back as the iPhone 6 may have been hit by the issue.
The company’s security notice on the vulnerability, tracked under CVE-2021-30883, provided no details of the issue, which means it is unclear as to how the vulnerability can be exploited to hijack a phone.
Apple learned of the flaw from an anonymous security researcher so there is a chance that the researcher discovered it as they encountered it being used in the real world. In response, Apple released an update iOS 15.0.2, which includes a patch for the vulnerability.
Have you applied the update already? Do you need help with it? Contact us today.
Read original article here https://au.pcmag.com/security/90044/apple-patches-new-zero-day-ios-vulnerability-possibly-under-exploitation