With the release of iOS 15.4.1 and macOS Monterey 12.3.1 on Thursday evening, Apple has fixed several bugs in its operating systems. In addition to the bug fixes, the company has also made security improvements to iOS and macOS that include patches for several zero-day exploits.
One of the patched vulnerabilities affected both iOS and macOS devices. Declarations by Apple allowed malicious apps to execute arbitrary code with kernel privileges. A second vulnerability found in Intel graphics drivers and affecting macOS only could lead to kernel memory disclosure.
iOS 15.4.1 and macOS 12.3.1 provide more security
Both security vulnerabilities were reported by an "anonymous researcher" and have since been fixed. The list is as follows:
AppleAVD
- Available for: macOS Monterey and iOS 15
- Impact: An application may be able to execute arbitrary code with kernel privileges
- Description: An out-of-bounds write issue was addressed with improved bounds checking functionality. Apple is aware of a report that this issue may have been actively exploited.
- CVE-2022-22675: an anonymous researcher
Intel graphics driver
- Available for: macOS Monterey
- Impact: An application may be able to read kernel memory
- Description: An out-of-bounds read issue could lead to kernel memory disclosure and was addressed through improved input validation. Apple is aware of a report that this issue may have been actively exploited.
- CVE-2022-22674: an anonymous researcher
Zero-Day Exploit: A Brief Explanation
Since not everyone of you knows what to do with the term, here is a brief explanation. A zero-day exploit is a newly discovered security vulnerability whose fix is still unknown to developers and engineers. That's why it's so important that you always keep your devices up to date to protect them from malicious software. Both iOS 15.4.1 and macOS Monterey 12.3.1 are now available to all users. (Photo by blackboard / Bigstockphoto)
