Security News > 2022 > April > Apple patched critical flaws in macOS Monterey but not in Big Sur nor Catalina
Apple last week patched two actively exploited vulnerabilities in macOS Monterey yet has left users of older supported versions of its desktop operating system unprotected.
In a blog post on Tuesday, security biz Intego said fixes applied to address CVE-2022-22675 and CVE-2022-22674 in macOS Monterey were not backported to macOS Big Sur or macOS Catalina.
Apple's macOS Monterey debuted on October 25, 2021, and is the most recent macOS release.
In recent times, the iBiz has supported its active macOS release for a year while also publishing updates and security patches for its previous two macOS releases.
Support for macOS Catalina is expected to end around November 2022, and macOS Big Sur's retirement date looks to be, more or less, November 2023.
"We have high confidence that CVE-2022-22674 likely affects both macOS Big Sur and macOS Catalina," because nearly every vulnerability in the Intel Graphics Driver component in recent years has affected all versions of macOS. Long added that there are dozens of other vulnerabilities in Big Sur and Catalina that are not being actively exploited.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/04/06/apple_patched_zerodays_in_macos/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-26 | CVE-2022-22675 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 9.3 |
| 2022-05-26 | CVE-2022-22674 | Out-of-bounds Read vulnerability in Apple mac OS X and Macos An out-of-bounds read issue existed that led to the disclosure of kernel memory. | 4.9 |