Apple and Google release security updates to fix zero-day vulnerabilities

Apple and Google have released security updates across iOS, Android and Chrome to patch zero-day vulnerabilities that were exploited, urging users to update their devices immediately

Google and Apple have rolled out security updates across their platforms after discovering exploited zero-day vulnerabilities. According to TechCrunch, the flaws were already being used in real-world attacks before fixes were available, prompting both companies to push patches for their browsers and operating systems. Google issued an update for its Chrome browser earlier this week, while Apple followed up with security fixes for iPhones, iPads, Macs, Apple Watch, Apple TV, Vision Pro and Safari. Both companies have confirmed that at least one of the vulnerabilities was being exploited.

What has happened

Google first released an update for its Chrome browser earlier this week, addressing multiple security flaws. One of these bugs was flagged by Google as being actively exploited, meaning attackers were already taking advantage of it before a fix was available.

 

 

In an update to its official support page, Google confirmed that the high-severity vulnerability affected Chrome’s graphics handling and could potentially lead to memory errors or unexpected behaviour. The company said it is “aware that an exploit exists in the wild” and has now pushed Chrome updates across Windows, macOS and Linux.

 

Shortly after, Apple released its own set of security updates for iOS, iPadOS, macOS, watchOS, tvOS, visionOS and the Safari browser. According to TechCrunch, Apple patched two vulnerabilities that could allow malicious web content to trigger memory corruption or code execution on unpatched devices.

 

Apple said the issues may have been exploited on devices running older versions of its software, and rolled out updates to close the security gaps across its ecosystem. 

What is a zero-day vulnerability

A zero-day vulnerability is a security flaw that is discovered after it has already been exploited, or before the software maker has issued a fix. Because developers have “zero days” to respond before attackers can take advantage of it, these vulnerabilities are considered especially serious.

 

In simple terms, this means attackers can exploit a weakness in software without users or companies knowing the risk exists. Once discovered, companies like Apple and Google rush to patch the flaw and distribute updates to protect users.

What users should do

Google Chrome users should ensure they are running the latest version of the browser by checking for updates in the settings menu and restarting the app once the update is installed.

 

Apple users should install the latest software updates available for their devices, including iPhones, iPads, Macs, Apple Watch, Apple TV and Vision Pro. Updating Safari is also important, especially for users who browse the web frequently.