AppleInsider is supported by its audience and is eligible to earn an Amazon Associate and Affiliate Partner commission on qualifying purchases. These affiliate partnerships do not influence our editorial content.
Almost all operating system updates contain fixes for security vulnerabilities, and the latest releases are no exception. Find out what’s been fixed by iOS 15.6, macOS 12.5 and others.
Apple does not disclose or confirm security issues until an investigation has taken place and fixes are available. On Wednesday, Apple released a series of updates for its devices to ensure safe and stable operation.
Apple has released iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8 and macOS Catalina 10.15.7 2022-005 with various security fixes and other fixes. Since Apple’s operating systems share many code bases and features, a single patch may be applicable to all operating systems.
Most fixes are related to unauthorized permissions granted to an attacker, application or user. Several vulnerabilities have been fixed on each operating system.
- A problem with APFS could give an application with root privileges the ability to execute arbitrary code with kernel privileges. Fixed with better memory management. CVE-2022-32832
- A remote user may be able to cause kernel code execution through a vulnerability with Apple AVD. A buffer overflow issue has been resolved with improved limit checking as a fix. CVE-2022-32788
- An application may be able to gain root privileges through the AppleMobileFileIntegrity kernel extension. A permission issue was addressed through better state management. CVE-2022-32826
- An application may be able to execute arbitrary code with kernel privileges through the audio extension. An out-of-bounds write issue has been resolved with better input validation. CVE-2022-32820
- A remote user can cause the application to quit unexpectedly or execute arbitrary code via the CoreText extension. The issue has been addressed with improved limit checks. CVE-2022-32839
There are several other fixes for each operating system, some specific to an individual operating system. Apple generally discloses if vulnerabilities are actively used by exploits in the wild.
Users generally don’t have to worry about specific fixes being applied in an update. It is important to install an update as soon as possible based on critical software needs to ensure the security of the device.