Although Apple has released an update to fix two zero-day vulnerabilities in macOS Monterey, the company has not yet applied it to the last two macOS versions, reportedly leaving up to 40% of actively used Macs at risk.
Apple fixed the critical bugs in its March 31, 2022 update for macOS Monterey. However, there is no update yet for macOS Big Sur and macOS Catalina. According to the Mac Security Blog, Apple has traditionally supported the current and the two previous versions of macOS with security updates. Be that as it may, one of the two actively exploited vulnerabilities still specifically targets Big Sur. The CVE-2022-22675 bug affects AppleAVD, the framework used for audio and video decoding.
Security vulnerabilities: iOS and iPadOS have been patched
The second bug, CVE-2022-22674, is in the Intel graphics driver and affects both Big Sur and Catalina. The Mac Security Blog appreciatesthat 35% to 40% of all active Macs are vulnerable. Intego, the publisher of the blog, says that it "assumes with a high degree of probability that CVE-2022-22674 affects both macOS Big Sur and macOS Catalina." One of the reasons it gives for this is that "almost all vulnerabilities in the Intel graphics driver" have affected all versions of macOS. Apple has not yet commented on this. However, the company has released an update for iOS and iPadOS that should fix the AppleAVD bug on iPhones and iPads. (Photo by blackboard / Bigstockphoto)
