Apple recently released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices.
Tracked as CVE-2022-22587, this is the third zero-day vulnerability discovered in IOMobileFrameBuffer in a span of six months after CVE-2021-30807 and CVE-2021-30883. Last month, Apple resolved four additional weaknesses in the kernel extension that is used to manage the screen framebuffer.
The vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to execute arbitrary code with core privileges.
The tech giant also fixed a recently disclosed vulnerability in Safari that developed from a faulty implementation of the IndexedDB API (CVE-2022-22594), which could be abused by a malicious website to track users' online activity in the web browser and even reveal their identity.
The updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, iPod touch (7th generation), and macOS devices running Big Sur, Catalina, and Monterey.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.