Apple has fixed two iOS zero-day vulnerabilities that “may have been actively exploited”” The two bugs are caused by memory corruption and use after free issues in the WebKit browser engine. Attackers could exploit the two vulnerabilities using maliciously crafted web content that would trigger arbitrary code execution after being loaded by the targets on unpatched devices. The bugs were found and reported by anonymous researchers. Apple has issued security updates to address nine zero-days since March
Source: security