Apple Updates Multiple Operating Systems

by

August 22, 2022

Apple has released a round of software updates for iOS, iPadOS, MacOS, and Safari and we highly recommend you install them as soon as possible. The updates patch kernel and WebKit flaws that could allow attackers to take over a device.

All devices running iOS and iPadOS 15.6, as well as macOS Monterey 12.5, are impacted by the vulnerability. The main flaw, CVE-2022-32894 impacts both mobile and desktop OS. CVE-2022-32894 is described by Apple as an “out-of-bounds write issue.” This allows attackers to execute arbitrary code with kernel privileges via a compromised application.

Apple didn’t give any examples but said the vulnerability has likely been exploited.

The second flaw, CVE-2022-32893, is a WebKit bug that also allows for “out of bound write issues.” CVE-2022-32893 allows for the processing of “maliciously crafted web content that can lead to code execution.” Apple said this CVE is also likely to have been exploited.

Both flaws offer attackers a near Pegasus-like amount of control over an end-users device if exploited correctly. Pegasus is software created by the Israeli-based NSO Group that’s been compromising iPhones the world over. We’ve previously covered that here and here.

You can read more about Apple’s security updates on this webpage: https://support.apple.com/en-us/HT201222

Carl Keyser is a Digital Marketing Specialist at Integris.

Keep reading

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

As a business owner, it's important to make the most of your resources. This includes finding cost-effective solutions for managing and maintaining your company's technology. Keeping a competitive edge in your industry requires secure, modern tech that allows your...

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

If you’re wondering where to find top IT services in Minneapolis, it’s important to identify providers that offer a wide range of support, have great service and provide solid tech expertise. Comprehensive technology insight is especially important when it comes to IT...

Webinar: Email Security that Doesn’t Suck…

Webinar: Email Security that Doesn’t Suck…

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to manage the fine balance between security and productivity.   {% video_player "embed_player" overrideable=False,...