Apple has released three operating system updates to fix security vulnerabilities that it says “may have been actively exploited.”The macOS 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 updates are now available for download and should be installed as soon as possible.
All three updates fix the same couple of bugs. One of them, designated CVE-2022-32894, is a kernel vulnerability that allows applications to “execute arbitrary code with kernel privileges. content”. Both discoveries are attributed to an anonymous security researcher. WebKit is used in the Safari browser as well as in applications such as Mail that use Apple WebViews to render and display content.
Apple has not released equivalent security patches for macOS Catalina or Big Sur, two older versions of macOS that still receive regular security updates. We have contacted Apple to see if they plan to release these fixes for these older OSes, or if they are unaffected and do not need to be fixed.
Apple’s software release notes for updates do not mention any other fixes or features. Apple is actively developing iOS 16, iPadOS 16, and macOS Ventura, and these updates are due out this fall.