Apple, Microsoft, and Qualcomm Just Issued Emergency Patches for Zero-Days Exploited in Wild Attacks
Major tech giants—Apple, Microsoft, and Qualcomm—are scrambling to deploy emergency security updates. These patches address multiple zero-day vulnerabilities across core platforms, including iOS, WebKit, Windows MSHTML, and DSP services.
The narrative centers on documented, active exploitation. Specific reports detail Apple fixing multiple zero-day flaws in WebKit and iOS, while Microsoft closed an MSHTML vulnerability that was exploited for a documented eighteen months. Qualcomm also patched a critical DSP zero-day across its chipsets.
The overwhelming weight of evidence points to constant, severe threat activity. The community views these disclosures not as routine maintenance, but as evidence of advanced, persistent, and widespread exploitation attempts across the entire mobile and desktop ecosystem.
Key Points
#1Microsoft patched an MSHTML zero-day exploited for an extended period.
The specific vulnerability allowed malicious scripts to run for eighteen months, as noted in the thread (lemmydev2).
#2Apple confirmed patching multiple zero-day flaws in iOS and WebKit.
Updates were pushed to address vulnerabilities actively exploited against iPhones.
#3Qualcomm addressed a flaw in its DSP services.
The company issued a patch for a zero-day vulnerability impacting multiple chipsets.
#4The threat level is characterized by active, widespread exploitation.
Multiple vendors are responding to vulnerabilities confirmed to be used in live attacks, indicating sophisticated threat actors.
Source Discussions (6)
This report was synthesized from the following Lemmy discussions, ranked by community score.