Apple fixes highly exploitable zero-day vulnerability in iOS 15.0.2 update
Last month, Apple released security patches to address the flaw exploited by Pegasus spyware. Now, the company has introduced another security patch in the iOS 15.0.2 update to address a zero-day vulnerability in the iOS kernel extension, IOMobileFrameBuffer. The vulnerability in IOMobileFrameBuffer, which helps buffer images in the display, can trigger a memory corruption issue, allowing applications to execute code with kernel privileges.
All iPhone, iPad users advised to update their devices
By now, hackers might have "actively exploited" the issue, informed Apple, adding the company has improved memory handling in iOS 15.0.2 and iPadOS 15.0.2 updates to stop malware attacks. Apple's notice on the vulnerability, CVE-2021-30883, doesn't mention how hackers could target victims or how many were targeted. However, we recommend updating your iPhone or iPad by going to Settings > General > Software Update.
Vulnerability can affect iPhone, iPad models
As CVE-2021-30883 can affect both iPhone and iPad, Apple introduced iOS 15.0.2 and iPad 15.0.2 update for iPhone 6s and later; iPad Pro (all models); iPad Air 2 and later; iPad 5th-generation and later; iPad mini 4 and later; as well as iPod touch (7th-generation). Notably, iOS 15.0.2 comes just eight days after the release of iOS 15.0.1, mainly to quickly address the vulnerability.
Record zero-day vulnerabilities exploited in 2021
At least 66 zero-day vulnerabilities have been found to be exploited this year, reported MIT Technology Review last month. This is almost double the number in 2020. Earlier in July, Apple released the iOS 14.7.1 update to fix another vulnerability in IOMobileFrameBuffer, giving kernel-level access to hackers. In addition to this security patch, the iOS 15.0.2 update carries fixes to several bugs, too.
iOS 15.0.2 takes care of Find My, CarPlay issues
Notably, iOS 15.0.2 fixes bugs preventing the MagSafe iPhone leather wallet from connecting with Find My and AirTags from appearing in the Find My Items tab. Additionally, the update should allow CarPlay to successfully open audio apps and prevent disconnections during playback. It also fixes photo deletion and iPhone 13 device restore/update issues. Meanwhile, watchOS 8.0.1 brings improvements for Apple Watch Series 3 users.