Apple released a major security update with fixes for a security defect the company says “may have been actively exploited” to plant malware on macOS and iOS devices.
While Apple did disclose that at least one report mentioned CVE-2021-30807 active exploitation in the wild, the company did not release any additional information regarding these attacks.
Withholding this info is likely a measure designed to allow the security updates released today to reach as many iPhones, iPads, and Macs as possible before other threat actors pick up on the details and start actively abusing the now-patched zero-day.
The flaws were fixed in the macOS Big Sur 11.5.1 update and a separate patch bundle that brings iOS and iPad devices up to version 14.7.1.
The newest patch comes less than a week after Apple shipped iOS 14.7 with fixes for a wide range of security issues.
