Skip to content

Apple 0-Day Vulnerability

Apple released security updates yesterday for iOS, iPadOS, macOS, and watchOS to patch three zero-day vulnerabilities that attackers are actively exploiting in the wild on iPhone devices. The security bugs reside in the FontParser component and the kernel, allowing a remote attacker to fully compromise the device.

The zero-days were discovered and reported to Apple by Google's Project Zero security team. The list of impacted devices includes iPhone 5s and later, iPod touch 6th and 7th generation, iPad Air, iPad mini 2 and later, and Apple Watch Series 1 and later.

The fixes are available in versions iOS 12.4.9 and 14.2, iPadOS 14.2, watchOS 5.3.9, 6.2.9, and 7.1, and as a supplemental update for macOS Catalina 10.15.7.

This is obviously be a "Patch now!" situation. For more information on Apple security updates, please see