Apple fixes ‘actively exploited’ zero-day affecting most iPhones

Apple has confirmed that an iPhone software update it released two weeks ago fixed a zero-day security vulnerability that it now says was actively exploited.
The update, iOS 16.1.2, landed on November 30 and rolled out to all supported iPhones, including iPhone 8 and later, with unspecified “important security updates.”
In a disclosure to its security updates page on Tuesday, Apple said the update fixed a flaw in WebKit, the browser engine that powers Safari and other apps, which if exploited could allow malicious code to run on the person’s device. The bug is called a zero-d

リンク元