Security News > 2022 > October > Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!
2022-10-25 18:03

The "Clear-and-present danger" prize goes to iOS and iPadOS, which get updated to version 16.1 and 16 respectively, where one of the listed security vulnerabilites allows kernel code execution from any app, and is already actively being exploited.

As you might have assumed, given that the release of Ventura takes macOS to version 13, three-versions-ago macOS 10 Catalina doesn't appear in the list this time.

Apple typically provides security updates only for the previous and pre-previous versions of macOS, and that's how the patches played out here, with patches to take macOS 11 Big Sur to version 11.7.1, and macOS 12 Monterey to version 12.6.1.

If you aren't on Ventura but intend to upgrade right away, your first experience of the new version will automatically include the 112 CVE patches mentioned above, so the version upgrade will automatically include the needed security updates.

If you're planning on sticking with the previous or pre-previous macOS version for a while yet, don't forget that you need two updates: one specific to Big Sur or Monterey, and the other an update for Safari that's the same for both operating system flavours.

On iOS or iPad OS, urgently use Settings > General > Software Update On macOS, use Apple menu > About this Mac > Software Update macOS 13 Ventura Beta users should update immediately to the full release.


News URL

https://nakedsecurity.sophos.com/2022/10/25/apple-megaupdate-ventura-out-ios-and-ipad-kernel-zero-day-act-now/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349
Kernel 3 0 7 4 1 12