Apple

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones.

"Apple is aware of a report that this issue may have been exploited," the company said in an advisory issued on Tuesday.

The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with arbitrary kernel read and write capabilities to bypass kernel memory protections.

The company says it addressed the security flaws for devices running iOS 17.4iPadOS 17.4iOS 16.76, and iPad 16.7.6 with improved input validation.

The list of impacted Apple devices is quite extensive, and it includes:

  • iPhone XS and later, iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
  • iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later

Apple has not shared who disclosed both zero-days or if they were discovered internally.

While Apple has not released information regarding ongoing exploitation in the wild, iOS zero-day vulnerabilities are commonly used in state-sponsored spyware attacks against high-risk individuals, such as journalists, opposition politicians, and dissidents.

While these zero-day vulnerabilities were likely only used in targeted attacks, installing today's security updates as soon as possible is highly advised to block potential attack attempts.

With these two vulnerabilities, Apple has fixed three zero-days so far in 2024, with the first in January.

Last year, the company fixed a total of 20 zero-day flaws exploited in the wild, including:

Related Articles:

Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws

Google says spyware vendors behind most zero-days it discovers

Apple fixes first zero-day bug exploited in attacks this year

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs

Lazarus hackers exploited Windows zero-day to gain Kernel privileges