Apple has released iOS 12.1.4
and it fixes two zero-day exploits
that had been abused by hackers. According to Google Project Zero team lead, Ben Hawkes,
"CVE-2019-7286 and CVE-2019-7287 were exploited in the wild as 0day." CVE-2019-7286 allowed hackers to gain elevated privileges by using a malicious app to exploit a memory corruption bug. CVE-2019-7287 allowed a malicious app to exploit a memory corruption bug to execute arbitrary code with kernel privileges. Apple credited multiple Google members for reporting the exploits.