With the release of iOS 15.4.1 and macOS Monterey 12.3.1 on Thursday, Apple has fixed some bugs in its operating systems. However, in addition to bug fixes, the company also made security enhancements to iOS and macOS, which include patches for multiple zero-day exploits.
One of the patched exploits affected both iOS and macOS devices. According to Apple, the exploit allowed malicious apps to execute arbitrary code with kernel privileges. A second exploit found in the Intel Graphics drivers, which only affected macOS, could lead to the disclosure of kernel memory.
Both exploits were reported by an “anonymous researcher” and have now been fixed, as you can read below:
AppleAVD
Available for: macOS Monterey and iOS 15
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking. Apple is aware of a report that this issue may have been actively exploited.
CVE-2022-22675: an anonymous researcher
Intel Graphics Driver
Available for: macOS Monterey
Impact: An application may be able to read kernel memory
Description: An out-of-bounds read issue may lead to the disclosure of kernel memory and was addressed with improved input validation. Apple is aware of a report that this issue may have been actively exploited.
CVE-2022-22674: an anonymous researcher
For those unfamiliar with the term, a zero-day exploit is basically a newly discovered vulnerability that the fix is still unknown to the developers and engineers. That’s why it’s so important to keep your devices updated in order to protect them from malicious software.
When it comes to other bugs, iOS 15.4.1 fixes an issue that could drain the battery of iPhones and iPads more quickly than expected, while macOS 12.3.1 fixes an issue that could cause Bluetooth devices to unexpectedly disconnect from the Mac.
Both iOS 15.4.1 and macOS Monterey 12.3.1 are now available to all users. You can find more details about Apple’s security updates on this webpage.
Author: Filipe Espósito
Source: 9TO5Google