Oddbean new post about | logout
 Apple has a security update for iOS devices to patch two actively exploited zero-days.

The first is a vulnerability (CVE-2023-42824) in the iOS kernel that Apple says was exploited against older iPhones using iOS 16.6 or lower.

The second is a zero-day (CVE-2023-5217) in the Libvpx library that Google discovered last week, and Apple also ported and fixed in iOS.

https://support.apple.com/en-us/HT213961