“An attacker with memory write capability may be able to execute arbitrary code.”
A flaw present since iOS 1.0 was being actively exploited before Apple patched it. Commercial spyware vendors found it first and kept it quiet. The phrase “extremely sophisticated attack” is Apple’s way of saying targeted individuals were being compromised and they didn’t know until Google’s Threat Analysis Group told them.