Security News > 2022 > April > Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina

Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina
2022-04-06 07:40

Apple last week patched two actively exploited vulnerabilities in macOS Monterey yet has left users of older supported versions of its desktop operating system unprotected.

In a blog post on Tuesday, security biz Intego said fixes applied to address CVE-2022-22675 and CVE-2022-22674 in macOS Monterey were not backported to macOS Big Sur or macOS Catalina.

Apple's macOS Monterey debuted on October 25, 2021, and is the most recent macOS release.

In recent times, the iBiz has supported its active macOS release for a year while also publishing updates and security patches for its previous two macOS releases.

Support for macOS Catalina is expected to end around November 2022, and macOS Big Sur's retirement date looks to be, more or less, November 2023.

"We have high confidence that CVE-2022-22674 likely affects both macOS Big Sur and macOS Catalina," because nearly every vulnerability in the Intel Graphics Driver component in recent years has affected all versions of macOS. Long added that there are dozens of other vulnerabilities in Big Sur and Catalina that are not being actively exploited.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/06/apple_patched_zerodays_in_macos/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-22675 Out-of-bounds Write vulnerability in Apple products
An out-of-bounds write issue was addressed with improved bounds checking.
local
low complexity
apple CWE-787
7.8
2022-05-26 CVE-2022-22674 Out-of-bounds Read vulnerability in Apple mac OS X and Macos
An out-of-bounds read issue existed that led to the disclosure of kernel memory.
local
low complexity
apple CWE-125
5.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349