Apple releases iOS and macOS updates to patch Zero-Day flaw
Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. With the latest fixes, Apple has addressed seven actively exploited zero-day flaws and one publicly-known zero-day vulnerability since the start of the year.
Apple has also plugged 10 security holes in iOS 16, spanning Contacts, Kernel Maps, MediaLibrary, Safari, and WebKit. The iOS 16 update can also incorporate a new Lockdown Mode that’s designed to make zero-click attacks harder.
Patches are available in versions iOS 15.7, iPadOS 15.7, iOS 16, macOS Big Sur 11.7, and macOS Monterey 12.6. The iOS and iPadOS updates cover iPhone 6s and later, all models of iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
The iOS 16 also brings support for passkeys in the Safari web browser, a passwordless sign-in mechanism that allows users to log in to websites and services by authenticating via Touch ID or Face ID.
The patched zero-day flaws are:
· CVE-2022-22587 (IOMobileFrameBuffer): A malicious application may be able to execute arbitrary code with kernel privileges
· CVE-2022-22594 (WebKit Storage): A website may be able to track sensitive user information (publicly known but not actively exploited)
· CVE-2022-22620 (WebKit): Processing maliciously crafted web content may lead to arbitrary code execution
· CVE-2022-22674 (Intel Graphics Driver): An application may be able to read kernel memory
· CVE-2022-22675 (AppleAVD): An application may be able to execute arbitrary code with kernel privileges
· CVE-2022-32893 (WebKit): Processing maliciously crafted web content may lead to arbitrary code execution
· CVE-2022-32894 (Kernel): An application may be able to execute arbitrary code with kernel privileges
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.