Apple releases important security patches for iOS and macOS

Apple releases security patches for iOS and macOS. Two zero-day vulnerabilities could give an attacker complete control. Please update as soon as possible.

Apple recently released a security patch to address a zero-day vulnerability that attackers could use to take full control of an iPhone, iPad, or computer running macOS Monterey. The security brief provided by the tech giant is rather sparse in detail, but it mentions the CVE-2022-3289 vulnerability discovered by an anonymous researcher.

Apple releases security patches for iOS and macOS

According to the information, this vulnerability could be exploited “to execute arbitrary code with administrative privileges”, which means that attackers could impersonate a legitimate device user and gain administrative control over the target machine. The Cupertino-based company explains that it has been informed that this vulnerability has already been exploited.

Two zero-day vulnerabilities could give an attacker complete control

In addition, the Apple brand has released a patch to address a vulnerability affecting WebKit, the rendering engine used by Safari, Mail, and many other iOS and macOS apps. The latter allows attackers to execute arbitrary code, which could allow, among other things, more malware to be downloaded to the machine, the company says. As with the first vulnerability, Apple credits the anonymous researcher for discovering this vulnerability and explains that she was informed that it had already been used to compromise iOS and macOS devices.

Update ASAP

These two flaws are present in macOS Monterey 12.5.1 and Apple has released a fix for the operating system. They affect some iPhones and iPads in the same way: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7ᵉ generation).. And since both are likely to be actively exploited, owners of one or more of these devices should download and install these patches as soon as possible.

CDN CTB