Apple updates macOS, iOS, and iPadOS to fix possibly exploited zero-day flaws
Apple has released updates for many of its operating systems, fixing vulnerabilities that the tech giant says may be under active exploitation.
Affecting macOS, iOS, and iPadOS is CVE-2022-22675, a bug in the audio and video decoder which allows an application to run arbitrary code with kernel privileges. The fix is contained in iOS 15.4.1 and iPadOS 15.4.1, which is available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and 7th gen iPod touch.
The iOS release also fixed a battery drain issue.
The second fix, released only for macOS Monterey, was CVE-2022-22674, an issue in the Intel graphics driver which allows an application to read kernel memory.
"An out-of-bounds read issue may lead to the disclosure of kernel memory and was addressed with improved input validation," Apple said in a typically small advisory.
"Apple is aware of a report that this issue may have been actively exploited."
Earlier this year, Apple also released iOS 15.3.1 due to the threat of an actively exploited remote flaw.
In that instance, simply visiting a web page could lead to arbitrary code execution.
Related Coverage
- Having iPhone battery issues? Apple just released iOS 15.4.1 with a fix
- Apple Business Essentials leaves beta, AppleCare+ pricing announced
- Apple to let dating apps in the Netherlands use third-party payment systems freely
- WA police now have access to Apple CarPlay
- Apple Studio Display review: An attractive but overpriced 27-inch 5K monitor for Mac-based pros
- The best iPad accessories: Docks, hubs, and more for your tablet