Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
In the newly released iOS 15.4.1 and macOS Monterey 12.3.1 updates, Apple has fixed some serious security holes. In it, a number of dangerous zero-day vulnerabilities being exploited are also fixed.
One of the patched zero-day vulnerabilities affects both iOS and macOS devices. According to Apple, upon a successful exploit, the hacker can execute arbitrary code with kernel privileges. The second vulnerability was found in the Intel Graphics driver, so it only affects macOS and can lead to kernel memory leaks.
Both were reported by an anonymous researcher and you can read more details below:
Apple AVD Vulnerability
Affected : macOS Monterey and iOS 15.
Impact : An application can execute arbitrary code with kernel privileges.
Description : Out-of-bounds data logging problem has been solved by improving the limit checking process. Apple has received reports of this vulnerability being exploited by hackers.
More information : This vulnerability is tracked under the code CVE-2022-22675 and reported by an anonymous researcher.
Vulnerability in Intel Graphics Driver
Affected : macOS Monterey.
Impact : An application can read kernel memory.
Description : The issue of reading out of bounds data that could lead to kernel memory leaks has been resolved by improving input validation. Apple has received reports of this vulnerability being exploited by hackers.
More information : This vulnerability is tracked under code CVE-2022-22674 and reported by an anonymous researcher.
iOS 15.4.1 also fixes a fast battery drain issue while macOS 12.3.1 fixes an issue that caused a Bluetooth device to disconnect unexpectedly from a Mac.
You should read it
- Apple Patches Zero-Day Vulnerability That Could Let iPhones, iPads, and MacBooks Get Hacked
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Microsoft urges Admin to patch PowerShell vulnerability on Windows
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
- Discovering two serious RCE vulnerabilities on Windows, Microsoft had to issue an emergency patch
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
- Internet Explorer crashed extremely dangerous, Microsoft released an emergency patch
- PrintNightMare vulnerability patch is flawed, attackers can still 'break through'
- Apple has released an update to patch a series of vulnerabilities in iOS, macOS, Safari and many other platforms, update now!
- Microsoft releases urgent patch for printer error emergency patch
- Microsoft updated Patch Tuesday in October 2020, patching the 'Ping of Death' vulnerability on Windows 10
- Download an emergency Windows patch right away, fix two critical vulnerabilities, affecting every Windows version
Maybe you are interested
There is a serious security vulnerability that has existed for 18 years in AMD processors, but it is not too worrying
A dangerous vulnerability that has existed for 18 years threatens millions of AMD Ryzen and EPYC CPUs
Google Workspace security vulnerability caused thousands of user accounts to be attacked
Thousands of iOS apps could be at risk because of an open source vulnerability
Serious vulnerability in OpenSSH threatens millions of servers
Google releases emergency update to patch Chrome vulnerability