Apple patches zero-day flaw that hackers may have exploited

Written by

Apple has released updates for its mobile, iPad and computer operating systems, fixing a zero-day flaw that appears to be the subject of active exploitation.

The patch comes mere days after another update that tackled 40 vulnerabilities. The latest software update comes in the wake of reports that the Israeli spyware firm NSO Group had developed a hacking tool that helps its customers remotely compromise iOS systems. Whether the patch address those technical issues was not immediately clear. Apple did not immediately respond to a request for comment.

The prior Apple update did not address the NSO Group exploits.

The iOS 14.7.1, iPadOS 14.7.1 and Big Sur 11.5.1 patch notes are likewise mum, other than to say that an anonymous researcher brought the vulnerability to Apple’s attention. The issue involved improper access to kernel mode, which a hacker could have abused to access the underlying hardware on a device, and manipulate some memory functions.

“An application may be able to execute arbitrary code with kernel privileges,” the notes for the updates issued Monday read. “Apple is aware of a report that this issue may have been actively exploited.”

Apple zero-day, or previously unrevealed, flaws are more common than they once were, to the point that last year zero-day broker Zerodium temporarily stopped acquiring them. By one count, this is the 13th zero-day issue Apple has patched in 2021.

A Microsoft researcher said Monday that he had previously been working on the bug to finish an exploit and was “surprised” to see it released as “in the wild,” or spreading among ordinary users.

‘The vulnerability is as trivial and straightforward as it can get,” Saar Amar wrote in an explanation of how it worked. He said he first found it four months ago.