Apple releases emergency iOS and macOS security patch - so update now

Bug found in kernel used by both iOS and macOS

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Applehas patched a zero-day arbitrary code execution (ACE) vulnerability in iOS andmacOSdevices that was being exploited in the wild to run code with kernel privileges on compromised devices.

The vulnerability (tracked as CVE-2021-30869) reportedly affectediPhonesandMacspowered by older iOS and macOS versions.

“Apple is aware of reports that an exploit for this issue exists in the wild,” Apple said in its updateannouncement.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

Although Apple hasn’t shared much details about the vulnerability citing customer’s protection, it did mention that the bug exists in Apple’sopen sourceXNUoperating systemkernel.

Long list of zero-days

Long list of zero-days

The zero-day was reported to Apple by members ofGoogle’s Threat Analysis Group, and Google Project Zero.

Reporting on the development,BleepingComputershares that the vulnerability impactsiPhone 5s,iPhone 6,iPhone 6 Plus,iPadAir,iPad mini2, iPad mini 3, andiPod touch(6th generation) running iOS 12.5.5, along with Macs runningmacOS Catalina.

It’s also being reported that Apple has used the opportunity to backport security updates in the latest security update for two already-patched zero-days, one of themreported by The Citizen Laband used to deploy NSO Pegasus spyware on hacked devices.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Apple reportedly has had to deal with several zero-days off late, many of whom have been used in attacks against iOS and macOS devices, the most notorious being the ones exploited to install Pegasus spyware on iPhones.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

3 reasons why PIA fell in our best VPN rankings

Is it still worth using Proton VPN Free?

I’ve been covering Apple Watch deals for years – This is the one model most people should buy on Black Friday