Privacy Ninja

Apple Patches New Zero-day Bug Used to Hack iPhones and Macs

Apple Patches New Zero-day Bug Used to Hack iPhones and Macs

Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.

The zero-day patched today (tracked as CVE-2021-30869) [12] was found in the XNU operating system kernel and was reported by Erye Hernandez and Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero.

Successful exploitation of this bug leads to arbitrary code execution with kernel privileges on compromised devices.

“Apple is aware of a report that this issue may have been actively exploited,” Apple said when describing the zero-day bug.

Also Read: Deemed Consent PDPA: How Do Businesses Comply?

The complete list of impacted devices includes:

  • iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) running iOS 12.5.5
  • and Macs with Security Update 2021-006 Catalina.

Apple also backported security updates for two previously patched zero-days, one of them reported by The Citizen Lab and used to deploy NSO Pegasus spyware on hacked devices

Also Read: 6 Types Of Document Shredder Machine Singapore Services

Long stream of zero-days exploited in the wild

Besides today’s zero-day, Apple had to deal with what looks like an unending stream of zero-day bugs used in attacks targeting iOS and macOS devices:

Update: A previous version of the story said Apple fixed three zero-days, one of them used to deploy spyware. We have updated the story to correctly say the company patched a single zero-day exploited in the wild.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us