Path: ...!weretis.net!feeder9.news.weretis.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: Marion <marion@facts.com>
Newsgroups: misc.phone.mobile.iphone,comp.mobile.ipad,comp.sys.mac.system
Subject: Three zero-days within months - Apple is on a roll for zero-day bugs in 2025
Date: Sat, 24 May 2025 01:58:41 -0000 (UTC)
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <100r94g$1kd2$1@nnrp.usenet.blueworldhosting.com>
Injection-Date: Sat, 24 May 2025 01:58:41 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
	logging-data="53666"; mail-complaints-to="usenet@blueworldhosting.com"
User-Agent: MacSOUP/2.8.5 (ea919cf118) (Mac OS 10.12.6)
Cancel-Lock: sha1:ZYFlRL88I4EhBwyL6qShRPqWXrI= sha256:7pIJyTL/SyYnuC3JsGrL0IZHNZ6sIP+q/NZTDL49V5c=
	sha1:qD6+gVwMNCzoMiu8GES1nbmq9Yc= sha256:+GbIakyisVEBjWzSVo90MurAaO4KFPsoTGlHd7q1ges=
Bytes: 2075
Lines: 21

 *Three zero-days within months!*
 <https://www.csoonline.com/article/3843999/apple-patches-zero-day-bugs-used-in-targeted-iphone-attacks.html>

The company suffered a total of twenty zero-day holes in 2023, including
the actively exploited RCE bugs, CVE-2023-32434 and CVE-2023-32435.

In 2024, Apple fixed six zero-day bugs, along with a string of critical
flaws including CVE-2024-23225 and CVE-2024-23296 which together allowed
attackers to bypass kernel memory protection.

This marks Apple's third zero-day fix since the start of the year,
following patches for CVE-2025-24085 in January and CVE-2025-24200 in
February.

Surprise! While Android has *never* had a Pegasus kernel exploit, iOS
constantly has them, in addition to the termite-ridden WebKit abomination.

Patches were released on Tuesday and are available through the latest
versions of iOS, iPadOS, macOS, Safari, and visionOS.

Apple never tests their software sufficiently which is perhaps the main
reason why iOS is the most exploited mobile operating system in history.