Google has just issued a warning asking iOS users to upgrade to the just released iOS 12.1.4. A senior security engineer Ben Hawkes took to Twitter to warn users about two security vulnerabilities patched in the new update were already being exploited in the wild . Hawkes stated that these two vulnerabilities were classified as 0day exploits or zero-day exploits. Zero-day exploits refer to problems or weaknesses in the system that have not been detected by the software maker, and are already being used by cybercriminals. Also Read - Apple Music Lossless, Spatial Audio features with Dolby Atmos coming soon to IndiaAlso Read - Google announces six new Android features, which will roll out this year
Hawkes is the team leader of Project Zero, a security team at Google which hunts for Zero-day exploits in software products. According to the tweet, the exploits with identifiers CVE-2019-7286 and CVE-2019-7287 were what Hawkes was referring about. He did not reveal any more details about when, where, or who was exploiting these exploits against iOS users. Also Read - Apple sells more iPads in early 2021 than ever, grows along with Samsung
Watch: Apple iOS 12 features
As noted by ZDNet, the vulnerability identified as CVE-2019-7286 fixes an exploit in the Foundation framework of iOS, a core component of the operating system. Apple shared more information about the problem adding that hackers could exploit a memory corruption in the framework with the help of a malicious app to get administrator rights and then control the device.
The second exploit with identifier CVE-2019-72867 is related to I/O Kit, an internal component that takes care of the input as well as output streams of data between the hardware and the software. The company stated that hackers can exploit this flaw by corrupting the memory of the framework with the help of a malicious app to run unauthorized code with kernel privileges which is the highest level of access on any software system. iOS 12.1.4 also comes with a fix for the Group FaceTime security flaw making the update considerably important for iOS users.