Security News > 2022 > September > Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability exploited by attackers in the wild.
"Apple is aware of a report that this issue may have been actively exploited," the company said, and noted that the vulnerability has been remediated with improved bounds checks.
The vulnerability has been fixed in macOS 12.6, macOS 11.7, iOS 16, and iOS 15.7 and iPadOS 15.7.
The Big Sur update also contains a fix for CVE-2022-32894, fixed in August in iOS 15.6.1 and iPadOS 15.6, and macOS 12.5.1.
This is the eight time this year that Apple fixes a zero-day vulnerability in the operating systems powering their Macs and iPhones.
iOS 16 is the most current major release of the iOS mobile operating system, which comes with several new security and privacy features.
News URL
https://www.helpnetsecurity.com/2022/09/13/cve-2022-32917/
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)
- How to secure Notes on iOS and macOS (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-32894 | Out-of-bounds Write vulnerability in Apple products An out-of-bounds write issue was addressed with improved bounds checking. | 7.8 |