Apple has released
iOS 12.1.4 and it fixes
two zero-day exploits that had been abused by hackers. According to Google Project Zero team lead,
Ben Hawkes, "CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a malicious app to exploit a memory corruption bug. CVE-2019-7287 allowed a malicious app to exploit a memory corruption bug to execute arbitrary code with kernel privileges. Apple credited multiple Google members for reporting the exploits.