ios 12 iconTwo vulnerabilities that Apple patched in its latest iOS 12.1.4 update were successfully exploited by hackers before they were known to Apple, according to a top Google security engineer.

Ben Hawkes, team leader at Google's Project Zero security research group, revealed in a tweet that vulnerabilities identified as CVE-2019-7286 and CVE-2019-7287 in Apple's iOS 12.1.4 security change log had been exploited in the wild as "zero day".

A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting it.

As ZDNet notes, it's unclear under what circumstances the vulnerabilities were used, but one exploit involved the iOS Foundation component and a memory corruption issue that could allow an app to gain "elevated privileges" on an iPhone 5s and later, iPad Air and later, or iPod touch 6th generation. The second vulnerability potentially allowed for kernel privileges and affected the same devices.

Apple credited "an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero" for discovering both vulnerabilities.

Apple's iOS 12.1.4 update for the ‌iPhone‌, iPad, and iPod touch, was principally designed to fix an insidious privacy-invading Group FaceTime bug discovered by a high school student that could be exploited to eavesdrop on conversations.

Top Rated Comments

69Mustang Avatar
69Mustang
90 months ago
Wonder if this means the exploits are related to FaceTime again. Hopefully Apple fixes it ASAP.
Not related to FaceTime. Both were patched yesterday along with the FaceTime Bug. They were mentioned in yesterday's article. Just weren't credited or detailed. This article is just a follow up.
Score: 14 Votes (Like | Disagree)
ersan191 Avatar
ersan191
90 months ago
Apple’s security changelogs are like 50+% reported by project zero these days, kind of makes them look bad. Also makes you wonder how many unpatched vulnerabilities there are.
Score: 13 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
90 months ago
Apple’s security changelogs are like 50+% reported by project zero these days, kind of makes them look bad. Also makes you wonder how many unpatched vulnerabilities there are.
I don't think Apple looks bad at all. Project Zero is just good at what they do. I'm glad they are. As long as the exploits are found and fixed, generally speaking, I don't think anyone cares who found them. Apple would only look bad if they got news of an exploit, let it hit the 90 day window without action, and PZ disclosed. 'Til that happens...
Score: 7 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
90 months ago
.
My problem is Google is focused on finding flaws in Apple products but major flaws in their own products go unnoticed and are found by outside groups and remain unpatched. In some cases Google has just stopped supporting the devices instead of fixing it.
Project Zero isn't focused on finding flaws in Apple products. That's just flat out lying.
Score: 7 Votes (Like | Disagree)
Sasparilla Avatar
Sasparilla
90 months ago
Every hole in their OS's that Apple closes is a victory. It'd be better if these weren't being used as zero day's, but that is not the way real life in computer or smartphone OS's work (the bad guys are always finding some exploits to use / sell) - so good that Apple closed these as well. Keep it up Apple.
Score: 4 Votes (Like | Disagree)
luvbug Avatar
luvbug
90 months ago
Yikes! I better update my iPhone 4S and iPhone 5 to the latest patch.
It says "iPhone 5s AND LATER".
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Features Leaked in New Report, Including Under-Screen Face ID

Tuesday December 16, 2025 8:44 am PST by
Next year's iPhone 18 Pro and iPhone 18 Pro Max will be equipped with under-screen Face ID, and the front camera will be moved to the top-left corner of the screen, according to a new report from The Information's Wayne Ma and Qianer Liu. As a result of these changes, the report said the iPhone 18 Pro models will not have a pill-shaped Dynamic Island cutout at the top of the screen....
Read Full Article60 comments
apple music chatgpt

ChatGPT's Apple Music Integration Is Now Live

Wednesday December 17, 2025 3:50 pm PST by
There's now a dedicated Apple Music app for ChatGPT, which allows ChatGPT to make music recommendations and build playlists. Apple Music can be added to ChatGPT through the Settings section in the Mac app, website, or iOS app. Apple Music is listed under the apps option, and connecting to it requires signing in with your Apple Account for authorization purposes. ChatGPT can be used to...
Read Full Article51 comments
apple beta 26 lineup

Apple's 2026 and 2027 Product Roadmap: Foldable iPhone, iPhone 18 Pro, M5 Macs, and More

Tuesday December 16, 2025 4:42 pm PST by
There has been a whirlwind of rumors over the last few days, sourced from leaked internal software designed for the iPhone and the Mac, and news sites like The Information. Below, we have a quick recap of everything we've heard this week, which serves as a guide to Apple's product plans in 2026 and beyond. We've organized the info by likely release date, though there are some products that...
Read Full Article43 comments
apple iphone air battery pack

Apple Aims to Boost Popularity of iPhone Air 2 in Two Ways

Tuesday December 16, 2025 11:06 am PST by
We have been covering iPhone 18 Pro, iPhone 17e, and iPhone Fold details from The Information's report about future iPhone models, and next up is the iPhone Air 2. The report says that Apple aims to make the iPhone Air 2 more attractive in two ways. First, Apple is apparently considering adding a second rear camera to the device, which would resolve a key limitation. The current iPhone...
Read Full Article121 comments
iOS 26

iOS 26.3 Beta 1 Features: What's New So Far

Monday December 15, 2025 4:23 pm PST by
Apple is testing iOS 26.3, the next version of iOS 26 that will launch around January. Since iOS 26.3's testing is happening over the holidays, it is a smaller update with fewer features than we've seen in prior betas. We've rounded up what's new so far, and we'll add to our list with subsequent betas if we come across any other features. Transfer to Android Apple is making it simpler...
Read Full Article49 comments
Apple Logo Top Half

Early iOS 26 Software Leak Uncovers Dozens of Upcoming Apple Features

Monday December 15, 2025 3:05 pm PST by
Software from an iPhone prototype running an early build of iOS 26 leaked last week, giving us a glimpse at future Apple devices and iOS features. We recapped device codenames in our prior article, and now we have a list of some of the most notable feature flags that were found in the software code. In some cases, it's obvious what the feature flags are referring to, while some are more...
Read Full Article36 comments
apple beta 26 lineup

Apple Leak Confirms Work on Foldable iPhone, AirTag 2, and Dozens More Devices

Monday December 15, 2025 2:05 pm PST by
Last week, details about unreleased Apple devices and future iOS features were shared by Macworld. This week, we learned where the information came from, plus we have more findings from the leak. As it turns out, an Apple prototype device running an early build of iOS 26 was sold, and the person who bought it shared the software. The OS has a version number of 23A5234w, and the first...
Read Full Article79 comments
maxresdefault

Apple Developing iMac Pro With M5 Max Chip

Tuesday December 16, 2025 7:30 am PST by
Apple is developing a high-end iMac featuring the M5 Max chip, according to information from leaked internal software. Subscribe to the MacRumors YouTube channel for more videos. The finding comes from leaked kernel debug kit files used by Apple engineers. These kernel debug kit files enumerate unreleased Apple hardware by internal identifiers, such as codenames and platform names, and they...
Read Full Article185 comments
a15 chip

Apple Tested a MacBook With the A15 Chip

Wednesday December 17, 2025 7:19 am PST by
An internal Apple kernel debug kit suggests Apple has tested a MacBook with the A15 chip, alongside a separate A18 Pro-based MacBook that appears to be closer to a shippable product. The information comes from internal kernel debug kit files used by Apple engineers. The kit was accidentally released on Apple's website earlier this year, but it was quickly pulled after information started...
Read Full Article103 comments