Apple has released a patch for iOS, iPadOS and mac OS. This security applies patches to two recently discovered zero-day vulnerabilities:
- CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content
- CVE-2022-32894 - An out-of-bounds issue in the operating system’s Kernel that could be abused by a malicious application to execute arbitrary code with the highest privileges
Apple made a statement about the vulnerabilities saying that the above have been rectified within the latest update. They also know that the vulnerabilities “may have been actively exploited.”
If you have not done so and use apple devices, it is essential to check that you are running the latest operating system version and that all security patches are installed. You can easily ensure that your systems are updated with the latest patches by ensuring that Automatic Updates are enabled.
As of today, the latest versions that fixed the above-mentioned vulnerabilities are:
iOS 15.6.1, iPadOS 15.6.1, and macOS Monterey 12.5.1
Which are available on:
iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad Mini 4 and later, and iPod touch (7th generation).