Google Researchers Say Hackers Exploited Two Zero-Day Vulnerabilities Patched in Apple's iOS 12.1.4 Update - MacRumors
Skip to Content

Google Researchers Say Hackers Exploited Two Zero-Day Vulnerabilities Patched in Apple's iOS 12.1.4 Update

by

ios 12 iconTwo vulnerabilities that Apple patched in its latest iOS 12.1.4 update were successfully exploited by hackers before they were known to Apple, according to a top Google security engineer.

Ben Hawkes, team leader at Google's Project Zero security research group, revealed in a tweet that vulnerabilities identified as CVE-2019-7286 and CVE-2019-7287 in Apple's iOS 12.1.4 security change log had been exploited in the wild as "zero day".

A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting it.

As ZDNet notes, it's unclear under what circumstances the vulnerabilities were used, but one exploit involved the iOS Foundation component and a memory corruption issue that could allow an app to gain "elevated privileges" on an iPhone 5s and later, iPad Air and later, or iPod touch 6th generation. The second vulnerability potentially allowed for kernel privileges and affected the same devices.

Apple credited "an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero" for discovering both vulnerabilities.

Apple's iOS 12.1.4 update for the iPhone, iPad, and iPod touch, was principally designed to fix an insidious privacy-invading Group FaceTime bug discovered by a high school student that could be exploited to eavesdrop on conversations.

Top Rated Comments

69Mustang Avatar
69Mustang
94 months ago
Wonder if this means the exploits are related to FaceTime again. Hopefully Apple fixes it ASAP.
Not related to FaceTime. Both were patched yesterday along with the FaceTime Bug. They were mentioned in yesterday's article. Just weren't credited or detailed. This article is just a follow up.
Score: 14 Votes (Like | Disagree)
E
ersan191
94 months ago
Apple’s security changelogs are like 50+% reported by project zero these days, kind of makes them look bad. Also makes you wonder how many unpatched vulnerabilities there are.
Score: 13 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
94 months ago
.
My problem is Google is focused on finding flaws in Apple products but major flaws in their own products go unnoticed and are found by outside groups and remain unpatched. In some cases Google has just stopped supporting the devices instead of fixing it.
Project Zero isn't focused on finding flaws in Apple products. That's just flat out lying.
Score: 7 Votes (Like | Disagree)
69Mustang Avatar
69Mustang
94 months ago
Apple’s security changelogs are like 50+% reported by project zero these days, kind of makes them look bad. Also makes you wonder how many unpatched vulnerabilities there are.
I don't think Apple looks bad at all. Project Zero is just good at what they do. I'm glad they are. As long as the exploits are found and fixed, generally speaking, I don't think anyone cares who found them. Apple would only look bad if they got news of an exploit, let it hit the 90 day window without action, and PZ disclosed. 'Til that happens...
Score: 7 Votes (Like | Disagree)
S
Sasparilla
94 months ago
Every hole in their OS's that Apple closes is a victory. It'd be better if these weren't being used as zero day's, but that is not the way real life in computer or smartphone OS's work (the bad guys are always finding some exploits to use / sell) - so good that Apple closed these as well. Keep it up Apple.
Score: 4 Votes (Like | Disagree)
C
C DM
94 months ago
Well with a pessimistic attitude like that...
If only that kind of thing was down to just attitude.
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

Tim Cook Rainbow

Apple CEO Tim Cook Stepping Down, John Ternus Taking Over

Monday April 20, 2026 1:33 pm PDT by
Apple CEO Tim Cook is stepping down as Apple's chief executive officer, and hardware engineering chief John Ternus is set to take over, Apple announced today. Cook will continue on as Apple CEO through the summer, with Ternus set to join Apple's Board of Directors and take over as CEO on September 1, 2026. Cook is going to transition to executive chairman, and he will "assist with certain...
Read Full Article549 comments
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching in September With These 10 New Features

Monday April 20, 2026 7:13 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article46 comments
macOS 27 on MacBook Pro

macOS 27 Will Mark the End of an Era

Saturday April 18, 2026 6:45 am PDT by
During its Platforms State of the Union segment at WWDC 2025, Apple revealed that macOS 26 Tahoe is the final major macOS version for Intel-based Macs. The upcoming macOS 27 release will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. macOS 27 should be available...
Read Full Article284 comments