Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms.
Chief among them is CVE-2022-2294, a memory corruption flaw in the WebRTC component that Google disclosed earlier this month as having been exploited in real-world attacks aimed at users of the Chrome browser.
There is no evidence of in-the-wild zero-day exploitation of the flaw targeting iOS, macOS, and Safari.
The updates also address several arbitrary code execution flaws impacting Apple Neural Engine, Audio, GPU Drivers, ImageIO, IOMobileFrameBuffer, Kernel, and WebKit.
What's more, the latest version of macOS resolves five security vulnerabilities in the SMB module that a malicious app could potentially exploit to gain elevated privileges, leak sensitive information, and execute arbitrary code with kernel privileges.
Users of Apple devices are advised to update to iOS 15.6, iPadOS 15.6, macOS, tvOS 15.6, and watchOS 8.7 to obtain the latest security protections.
News URL
https://thehackernews.com/2022/07/apple-releases-security-patches-for-all.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-28 | CVE-2022-2294 | Out-of-bounds Write vulnerability in multiple products. Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |