he vulnerabilities ‘CVE-2022-32894’ and ‘CVE-2022-32893’, discovered by an anonymous researcher, affect all three Apple devices – iPhone, Macs, and iPad.
HIGHLIGHTS
- The CVE-2022-32894 is a kernel vulnerability.
- The ‘CVE-2022-32893’ is a WebKit vulnerability and if not fixed, can lead to arbitrary code execution.
- Apple is separately rolling out an update for the Safari browser to ensure users’ protection.
Apple is rolling out an “important”, which it “recommends” all iPhone, Mac, and iPad users to download. The iOS 15.6.1, macOS Monterey 12.5.1, and iPadOS 15.6.1 updates, also available in India, patch two zero-day vulnerabilities being actively exploited in the wild. If not patched immediately, attackers can hack into the system and access sensitive data. Apple, like most other tech firms, does not disclose or discuss the exact security issue until all devices are running the patched version of OS (operating system). The company is also separately rolling out an update for the Safari browser to ensure users’ protection. It upgrades the version to Safari 15.6.1.
As per the official changelog, the vulnerabilities ‘CVE-2022-32894’ and ‘CVE-2022-32893’, discovered by an anonymous researcher, affect all three Apple devices – iPhone, Macs, and iPad. The CVE-2022-32894 vulnerability is described as an “out-of-bounds write issue” and affects the kernel – the core of the OS. The ‘CVE-2022-32893’ is a WebKit vulnerability and if not fixed, can lead to arbitrary code execution.
For end users, all they need to realise is that the vulnerabilities carry a high impact status and can be exploited by attackers if discovered. Before that happens, it is advised to update your iPhone, Mac, and iPad as soon as possible.
The iOS 15.6.1 and iPadOS 15.6.1 is available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). To download the software manually, head to Settings > General > Software update > Download and Install.
macOS Monterey 12.5.1 can be downloaded by heading to the Apple menu > System Preferences, then click on Software Update. Users can also click the Apple menu — the number of available updates, if any, is shown next to System Preferences.
Apple also released iOS 16 beta 5 versions earlier this month. It brings the much-awaited battery percentage to the battery icon in the status bar. Apple removed this feature following the launch of the iPhone X in 2018.