Apple has released a new software update on the product line to modify two security vulnerabilities, and the company may be actively used to hack customers running iOS, a mobile software.
Apple has confirmed that two zero -day vulnerabilities have been modified in security advisors posted on the website, which may have been exploited by a very sophisticated attack on an individual target of iOS.
Bugs are considered 0 days because they are not known to Apple when they are exploited.
It is not yet known who is behind the attack, whether the Apple customer is targeted or successfully compromised. Apple’s spokesman did not return Techcrunch’s investigation.
Apple acknowledged the discovery of two bugs to the security researchers working in Google’s threat analysis group, which investigates the government’s support cyber attacks. This can indicate that attacks targeting Apple customers have been started or adjusted by state or government agencies. Some government -supported cyber attacks are known to include the use of remotely planted spyware and other phone numbering devices.
Google spokesman did not mention immediately when Techcrunch reached.
Apple said that one of the bugs affects Apple’s Coreaudio, a system -level component that Apple uses in a variety of products, allowing developers to interact with device audio. Apple said that it can exploit bugs by processing audio streams in malicious media files.
The other bug that gets the only credit found by Apple allows the attacker to bypass the pointer authentication, which is more difficult for the attacker to corrupt or inject malicious code in the device’s memory.
Apple launched MacOS SEQUOIA’s software updates, colliding with the software version into 15.4.1 and launching iOS 18.4.1, which modifies the security bugs of iPhones and iPad. Apple TV and the company’s mixed reality headset Vision Pro has also received the same security update.