Apple fixes new zero-day used in attacks against iPhones, iPads

Apple fixes new zero-day used in attacks against iPhones, iPads

Apple revealed in an advisory today that it’s aware of reports saying the security flaw “may have been actively exploited.”

The bug (CVE-2022-42827) is an out-of-bounds write issue reported to Apple by an anonymous researcher and caused by software writing data outside the boundaries of the current memory buffer.

This can result in data corruption, application crashes, or code execution because of undefined or unexpected results (also known as memory corruption) resulting from subsequent data written to the buffer.

https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-used-in-attacks-against-iphones-ipads/