Yesterday, Apple has released patches for iPhones, iPads, and Macs to tackle a zero-day vulnerability that the organization states has been exploited in the wild and could enable cybercriminals to take over a device.

What Is a Zero-Day Vulnerability?

As my colleague Cezarina has already explained in her article – What Is a Zero-Day Vulnerability? , the term “Zero-day” is an imaginative time, as this type of cyberattack happens in less than a day since the awareness of the security flaw. Thereby, not giving developers ample time to eradicate or mitigate the potential risks associated with this vulnerability. In zero-day attacks, software vendors are reactive, not proactive. Therefore, since patches have not yet been released, the attackers are already making their move.

A zero-day attack occurs when hackers exploit a vulnerability window and then launch a direct attack using that vulnerability. What makes zero-day exploits so dangerous is that the only ones who know about them are the attackers themselves. Hackers can attack immediately or take advantage of their weakness, waiting for the right moment to strike.

According to Apple, the vulnerability, tracked as CVE-2021-30807 affects IOMobileFramebuffer, a kernel extension that enables developers to control how a device’s memory handles the screen display.

Apple has fixed the vulnerability, that allows applications to perform arbitrary code with kernel privileges on a vulnerable and unpatched device, by improving memory handling in iOS 14.7.1, iPadOS 14.7.1, and macOS Big Sur 11.5.1.

According to the outlet, obtaining access to kernel privileges gives cyber criminals complete control of a device.

In security advisories published yesterday, Apple stated it was aware that this vulnerability might have been exploited in the wild, but the tech giant did not give more details.

While there is a possibility that this zero-day vulnerability might be a new exploit used by the iOS jailbreaking community to root iPhones, it is also not clear if today’s zero-day is in any way linked to NSO Group, an Israeli company that sells iPhone hacking tools to governments all over the world.

Today’s update reportedly marks the 13th zero-day patch Apple has launched so far in 2021. Previous zero-days included:

CVE Patch date Description
CVE-2021-1782February 1 A zero-day impacting the macOS, iOS, iPadOS, watchOS, and tvOS kernels
CVE-2021-1870February 1 WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-1871February 1 WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-1879March 26 WebKit bug impacting both old and new-gen iOS, iPadOS, and watchOS
CVE-2021-30657April 26macOS Gatekeeper bypass abused by Shlayer malware
CVE-2021-30661April 26 WebKit zero-day impacting old and new-gen iOS, iPadOS, watchOS, and tvOS.
CVE-2021-30663May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30665May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30666May 3WebKit zero-day impacting macOS, iOS, iPadOS, and watchOS
CVE-2021-30713May 24macOS TCC bypass abused by XCSSET malware
CVE-2021-30761June 14WebKit zero-day impacting old-gen iOS devices
CVE-2021-30762June 14WebKit zero-day impacting old-gen iOS devices

Apple is urging its customers to update to the macOS Big Sur 11.5.1, iOS 14.7.1, and iPadOS 14.7.1 versions it released yesterday to address the bug.

The updates are available for macOS notebooks and desktops, iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

How to Spot and Prevent Apple ID Phishing Scams

Apple Fixes MacOS Vulnerability Exploited by XCSSET Malware


Danke für Ihre Info´s.
Ich bin seit 20 Jahren Rentner und habe mich seit langem nicht mehr um PC und Datentechnik gekümmert, es fehlt mir daher die Kompetenz hier Kommentare abzugeben. Ich muß mich erst wieder einlesen.
mfg Klaus Rathmann

Leave a Reply

Your email address will not be published. Required fields are marked *