Security News > 2022 > August > Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices.
CVE-2022-32894 - An out-of-bounds issue in the operating system's Kernel that could be abused by a malicious application to execute arbitrary code with the highest privileges.
CVE-2022-22587 - A malicious application may be able to execute arbitrary code with kernel privileges.
CVE-2022-22620 - Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22675 - An application may be able to execute arbitrary code with kernel privileges.
The iOS and iPadOS updates are available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch.
News URL
https://thehackernews.com/2022/08/apple-releases-security-updates-to.html
Related news
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now (source)
- Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
- Asus lets processor security fix slip out early, AMD confirms patch in progress (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-32894 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-05-26 | CVE-2022-22675 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-03-18 | CVE-2022-22620 | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
| 2022-03-18 | CVE-2022-22587 | Out-of-bounds Write vulnerability in Apple Iphone OS and Macos A memory corruption issue was addressed with improved input validation. | 9.8 |