iOS 14.2 has been released and fixes three 0day

Apple released security updates for iOS today (iOS 14.2) to fix three vulnerabilities (0day) detected in attacks on its users.

According to Shane Huntley, Director of Google Threat Analysis Team, the three iOS 0days are related to recent Chrome vulnerabilities and one 0day of Windows which Google had announced in the last two weeks.

Google did not provide details on who the attackers were or what their targets were.

According to its head of Google , Ben Hawkes, whose team discovered and reported the attacks to Apple, the iOS 3 0days are:

  • CVE-2020-27930 - a remote code execution issue in the iOS FontParser component that allows intruders to run code remotely on iOS devices.
  • CVE-2020-27932 – μια ευπάθεια κλιμάκωσης προνομίων στον πυρήνα του iOS επιτρέπει στους εισβολείς να τρέξουν κώδικα με δικαιώματα σε επίπεδο kernel.
  • CVE-2020-27950 - memory flaw in the iOS kernel that allows attackers to retrieve content from the kernel memory of an iOS device.

All three of them they are believed to have been used together, allowing attackers to remotely jailbreak iPhones.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).