Security News > 2022 > August > Apple security updates fix 2 zero-days used to hack iPhones, Macs

Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.

Today, Apple has released macOS Monterey 12.5.1 and iOS 15.6.1/iPadOS 15.6.1 to resolve two zero-day vulnerabilities that are reported to have been actively exploited.

The second zero-day vulnerability is CVE-2022-32893 and is an out-of-bounds write vulnerability in WebKit, the web browser engine used by Safari and other apps that can access the web.

Likely, these zero-days were only used in targeted attacks, but it's still strongly advised to install today's security updates as soon as possible.

In March, Apple patched two more zero-day bugs that were used in the Intel Graphics Driver and AppleAVD that could also be used to execute code with Kernel privileges.

In February, Apple released security updates to fix a new zero-day bug exploited to hack iPhones, iPads, and Macs, leading to OS crashes and remote code execution on compromised devices after processing maliciously crafted web content.

News URL

https://www.bleepingcomputer.com/news/security/apple-security-updates-fix-2-zero-days-used-to-hack-iphones-macs/