Security News > 2022 > August > Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices.
CVE-2022-32894 - An out-of-bounds issue in the operating system's Kernel that could be abused by a malicious application to execute arbitrary code with the highest privileges.
CVE-2022-22587 - A malicious application may be able to execute arbitrary code with kernel privileges.
CVE-2022-22620 - Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22675 - An application may be able to execute arbitrary code with kernel privileges.
The iOS and iPadOS updates are available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch.
News URL
https://thehackernews.com/2022/08/apple-releases-security-updates-to.html
Related news
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-32894 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-05-26 | CVE-2022-22675 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-03-18 | CVE-2022-22620 | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
| 2022-03-18 | CVE-2022-22587 | Out-of-bounds Write vulnerability in Apple Iphone OS and Macos A memory corruption issue was addressed with improved input validation. | 9.8 |