Recent "Out Of Bounds" Zero-day Affecting iPads, iPhones Fixed by Apple
A new security update released by Apple addresses recent zero-day (CVE-2022-42827) that affects iPhones and iPads and was used in attacks. Abusing the vulnerability allows attackers to remotely execute arbitrary code with kernel privileges. The vulnerability was disclosed by an anonymous security researcher and it is caused by software writing the data outside the boundaries of the memory buffer, which results in corrupted data, various crashes, and random code execution. Apple has addressed the issue by improving the boundaries check. Read more...