Several critical bugs have been found in the iPhone OS. This is reported by the ZDNet edition, citing Google cybersecurity expert Shane Huntley.
Huntley said there were three zero day vulnerabilities found in iOS 14 – potentially dangerous bugs for which no defense mechanisms have yet been developed. According to the expert, the first problem allows remote code execution and iPhone jailbreak. The second problem is related to the escalation of privileges in the iOS kernel, the third is related to retrieving data from the OS kernel memory. These vulnerabilities could allow attackers to remotely hack and block Apple smartphones.
The expert also noted that the discovered vulnerabilities are related to another critical zero-day error previously found by Google engineers. Using the bug, hackers could elevate the privileges of certain processes in the Chrome browser and gain access to the operating system. The exploit found was successfully launched on all known operating systems from Microsoft, including Windows 7 and 10.
Reporters noted that Apple has already fixed critical bugs in the iOS 14.2 update, which became available to iPhone users on November 5. Shane Huntley advised owners of Apple smartphones not to delay updating the system.
In August, digital security experts spoke about a vulnerability that could steal data from users of iPhone smartphones and MacBook laptops. A systemic flaw was found in the Web Share API standard used in the Safari browser. The experts noticed that Apple is aware of the problem, but promised to release the patch only in the spring of 2021.