Apple has patched iOS against three zero-day vulnerabilities that attackers were actively exploiting in the wild.
The security flaws affect iPhone 6s and later, seventh-generation iPod touches, iPad Air 2s and later, and iPad mini 4s and later.
The flaws are:
• CVE-2020-27930, a code-execution vulnerability that attackers can trigger using maliciously crafted fonts
• CVE-2020-27950, which allows a malicious app to obtain the locations in kernel memory, and
• CVE-2020-27932, a bug that allows code to run with highly privileged system rights.
Apple has fixed the zero-day and other vulnerabilities with the release of iOS 14.2. Please update your devices. The bonus is that you will also get 100 new emoji! ?
This is a second update for iOS within a few weeks. iOS 14.1 came out on October 22.
For info on iOS 14.2 visit https://support.apple.com/en-us/HT211929 or https://arstechnica.com/gadgets/2020/11/ios-14-2-is-here-with-new-emoji-and-wallpapers-long-list-of-bug-fixes/
Daniel Weatherly
Director of Security Services
Mainstream Technologies Inc.
501-801-6706
