"Apple Fixes 'Actively Exploited' Zero-Day Flaw"
Apple has released iOS 14.7.1, iPad iOS 14.7.1, and macOS Big Sur 11.5.1 to address a zero-day flaw that seems to have been actively exploited. According to Apple, the flaw, tagged as CVE-2021-30807, could allow threat actors to execute arbitrary code with kernel privileges. It was found in the IOMobileFrameBuffer extension. Another security researcher and member of the Microsoft Security Response Center (MSRC) revealed that they had also discovered the bug in iOS four months ago. Following Apple's disclosure of the bug, the researcher published details about the issues they discovered in IOMobileFrameBuffer. This article continues to discuss the iOS and macOS update issued by Apple to fix a zero-day flaw that is believed to have been actively exploited by attackers already.
ZDNet reports "Apple Fixes 'Actively Exploited' Zero-Day Flaw"