The Hacker-news reported that on Monday Apple released an urgent security update for Mac, IPhone and Ipad (iOS, iPadOS, and macOS to address a zero-day flaw that it said may have been actively exploited, making it the thirteenth such vulnerability Apple has patched since the start of this year.
The urgent security updates for Mac, IPhone and Ipad , which arrive less than a week after the company released iOS 14.7, iPadOS 14.7, and macOS Big Sur 11.5 to the public, fixes a memory corruption issue (CVE-2021-30807) in the IOMobileFrameBuffer component, a kernel extension for managing the screen framebuffer, that could be abused to execute arbitrary code with kernel privileges.
The company said it addressed the issue with improved memory handling, noting it’s “aware of a report that this issue may have been actively exploited.” As is typically the case, additional details about the flaw have not been disclosed to prevent the weaponization of the vulnerability for additional attacks. Apple credited an anonymous researcher for discovering and reporting the vulnerability.
CVE-2021-30807 is also the thirteenth zero-day vulnerability addressed by Apple this year alone , highlighting the overgrowing Cyber threats which have affected many tech companies this year even more.
Microsoft also recently gave out a warning to its Windows 10 Operating Systems Users .
Given the public availability of a proof-of-concept (PoC) exploit, it’s highly recommended that users move quickly to update their devices to the latest version to mitigate the risk associated with the flaw.
Though not a cybercrime target on the same level of Microsoft’s Windows platform, Macs do come under attack. In one recent hack, where a mysterious malware known as Silver Sparrow targeted the new M1 Macs, as many as 30,000 Apple PCs were breached, which made Apple to release urgent security update for Mac, IPhone and Ipad back then as well.