Monday, April 28, 2025
HomeAppleApple Released Security Update & Fixes for iOS FaceTime Zero-day Vulnerability

Apple Released Security Update & Fixes for iOS FaceTime Zero-day Vulnerability

Published on

SIEM as a Service

Follow Us on Google News

Apple Released an important security update for iOS, macOS and fixed a critical FaceTime Zero day vulnerability that affected iOS & macOS.

A critical FaceTime Bug allows you to call anyone with Facetime and start to hear the audio from the recipient phone before they answer or reject the incoming call.

New Fixes of iOS 12.1.4 effective to iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.

- Advertisement - Google News

FaceTime Zero day bug was originally reported to Apple by 14-year-old Michele Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX .

Along with this, Apple fixed the another 2 zero-day flow that was reported by Google Project Zero-day Team lead Ben Hawkes on Twitter that affected
IOKit( CVE-2019-7287 ) and foundation(CVE-2019-7286).

It was a Memory corruption vulnerability and an ability to execute arbitrary code with kernel privileges in iOS, and another zero-day flow allows to gain elevated privileges.

Apple found another FaceTime flaw in live photos during the an internals security audit and the issue was addressed with improved validation on the FaceTime server. 

An another vulnerability fixed by Apple that reported for Shortcuts 2.1.3 for iOS and macOS allow a local user may be able to view senstive user information.

Apple security updates

Name and information linkAvailable forRelease date
Shortcuts 2.1.3 for iOSShortcuts 2.1.2 for iOS07 Feb 2019
macOS Mojave 10.14.3 Supplemental UpdatemacOS Mojave 10.14.307 Feb 2019
iOS 12.1.4iPhone 5s and later, iPad Air and later, and iPod touch 6th generation07 Feb 2019

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Multiple Malicious Fitness Tracker apps Abusing Apple’s Touch ID Feature To Steal Money From iOS Users

5 Things You Need To Do Before Selling iPhone

New Unpatched macOS Zero-day Flaw Allows Attackers to Read Passwords in Plain Text & System Data

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

RansomHub Ransomware Deploys Malware to Breach Corporate Networks

The eSentire’s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging...

19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email

The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat...

FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023

The FBI’s Internet Crime Complaint Center (IC3) has reported a record-breaking loss of $16.6...

Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts

Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

RansomHub Ransomware Deploys Malware to Breach Corporate Networks

The eSentire’s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging...

19 APT Hackers Target Asia-based Company Servers Using Exploited Vulnerabilities and Spear Phishing Email

The NSFOCUS Fuying Laboratory’s global threat hunting system identified 19 sophisticated Advanced Persistent Threat...

FBI Reports ₹1.38 Lakh Crore Loss in 2024, a 33% Surge from 2023

The FBI’s Internet Crime Complaint Center (IC3) has reported a record-breaking loss of $16.6...