Apple Fixes Zero-Days Flaws – Update iOS, iPadOS, macOS and Safari

Apple Products
Apple Products

Apple fixes two zero-day vulnerabilities and security updates for iOS, iPadOS, macOS platforms.

However, it is likely that they were used in highly-targeted intrusions, as the company did not disclose any further information regarding these attacks or who carried them out.

iOS 15.6.1, iPadOS 15.6.1, and macOS Monterey 12.5.1 all contain updates that address both vulnerabilities. For iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation), iOS and iPadOS updates are now available.

Safari 

  • CVE-2022-32893

macOS 

  • CVE-2022-32893
  • CVE-2022-32894

iOS and iPadOS

  • CVE-2022-32893
  • CVE-2022-32894

In Safari 15.6.1

  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.

macOS Monterey 12.5.1

Kernel

  • Available for: macOS Monterey
  • Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
  • CVE – CVE-2022-32894: an anonymous researcher | Description

WebKit

  • Available for: macOS Monterey
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
    WebKit Bugzilla: 243557
  • CVE – CVE-2022-32893: vulnerability reported by an anonymous researcher

iOS 15.6.1 and iPadOS 15.6.1

Update released on August 17, 2022 | Description

For Kernel

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
  • CVE – CVE-2022-32894, vulnerability reported by anonymous researcher

For WebKit

  • Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
  • Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
  • Description: An out-of-bounds write issue was addressed with improved bounds checking.
  • CVE – CVE-2022-32893: vulnerability reported by reported by anonymous researcher

How to Update Apple macOS and Software?

  • Choose System Preferences from the Apple menu in the upper left hand corner of your screen.
  • Click Software Update in the System Preferences window.
  • Use the App Store instead of System Preferences if you are unable to find Software Update in your System Preferences.
  • All updates and upgrades should be installed.

Join Our Club

Enter your Email address to receive notifications | Join over Million Followers

Previous Article
Android 13

Android 13 Released - Added New Privacy Features

Next Article
Trade

What to Trade: Futures or CFDs on Futures?

Related Posts
Total
0
Share