Security News > 2022 > August > Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices.
CVE-2022-32894 - An out-of-bounds issue in the operating system's Kernel that could be abused by a malicious application to execute arbitrary code with the highest privileges.
CVE-2022-22587 - A malicious application may be able to execute arbitrary code with kernel privileges.
CVE-2022-22620 - Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2022-22675 - An application may be able to execute arbitrary code with kernel privileges.
The iOS and iPadOS updates are available for iPhone 6s and later, iPad Pro, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch.
News URL
https://thehackernews.com/2022/08/apple-releases-security-updates-to.html
Related news
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Zero-days dominate top frequently exploited vulnerabilities (source)
- Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days (source)
- Apple fixes two zero-days used in attacks on Intel-based Macs (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-32894 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-05-26 | CVE-2022-22675 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |
| 2022-03-18 | CVE-2022-22620 | Use After Free vulnerability in Apple products A use after free issue was addressed with improved memory management. | 8.8 |
| 2022-03-18 | CVE-2022-22587 | Out-of-bounds Write vulnerability in Apple Iphone OS and Macos A memory corruption issue was addressed with improved input validation. | 9.8 |