Apple released a big security update on Monday that patches a security flaw that the firm claims was “actively exploited” to install malware on macOS and iOS devices.
Apple, as is customary, did not provide any information about the in-the-wild attacks or the targets’ profiles. The corporation did not provide any IOCs (indicators of compromise) or extra information to aid defenders in their search for symptoms of infection.
Instead, the Apple advise simply states, “Apple is aware of a report that this problem has been actively exploited.”
Cupertino has patched 13 zero-day vulnerabilities in the first half of this year.
CVE-2021-30807, the newly patched vulnerability, was reported to Apple anonymously and is defined as a memory corruption weakness that might be used to perform code execution attacks with kernel privileges.
The issues were patched in the macOS Big Sur 11.5.1 update, as well as a separate patch bundle that updated iOS and iPad devices to version 14.7.1.
The latest patch arrives less than a week after Apple released iOS 14.7, which included patches for a number of security flaws.