Apple has exploited zero-day bugs using iOS to “specific targeted individuals”
Apple has released new software updates throughout its product line to fix two security vulnerabilities. The company said it could be actively used to hack customers iOS running mobile software.
In a security advisory posted to that website, Apple confirmed that it was fixed. Two Zero Day Vulnerabilities“It could have been exploited in a very sophisticated attack on a particular targeted individual on iOS.”
Bugs are considered Zero Days Because they were misused, they were not known to apples.
It remains to be seen who is behind the attack, how many Apple customers were targeted, or what was successfully breached. An Apple spokesman did not return a TechCrunch investigation.
Apple has confirmed the discovery of one of two bugs for security researchers working at Google’s threat analysis group, which investigates government-sponsored cyberattacks. This could indicate that an attack targeting Apple customers has been launched or coordinated by a national or government agency. It is known that some government-supported cyberattacks are involved Using remotely planted spyware and Other phone unlock devices.
A Google spokesman did not immediately comment when TechCrunch reached it.
Apple said one of the bugs will affect Apple’s Coreaudio. It is a system-level component that Apple uses in a variety of products to allow developers to interact with device audio. Apple said that handling audio streams with malicious media files could potentially be exploited. Running malicious code On affected Apple devices.
Another bug that Apple discovered only credits is allowing attackers to bypass pointer authentication. Apple uses it with software Make it more difficult for an attacker to corrupt or insert malicious code into the device’s memory.
Apple released it MacOS Sequoia software updatebumps the software version to 15.4.1, release iOS 18.4.1, fixes security bugs on iPhone and iPad. Apple TV The company’s mixed reality headset Vision Pro I also received the same security update.