Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices

Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices.

Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure.

Below is the list of Apple security updates:

Name and information link Available for Release date
Safari 15.6 macOS Big Sur and macOS Catalina 20 Jul 2022
watchOS 8.7 Apple Watch Series 3 and later 20 Jul 2022
Security Update 2022-005 Catalina macOS Catalina 20 Jul 2022
macOS Big Sur 11.6.8 macOS Big Sur 20 Jul 2022
macOS Monterey 12.5 macOS Monterey 20 Jul 2022
tvOS 15.6 Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD 20 Jul 2022

One of the most severe issues addressed by the IT giant is a heap buffer overflow tracked as CVE-2022-2294. The vulnerability resides in the Web Real-Time Communications (WebRTC) component and was discovered by Google researchers who confirmed it is actively exploited in the wild in attacks aimed at Chrome users.

The vulnerability was reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01.

Another arbitrary code execution issue that was addressed by the company with the release of Safari 15.6 are:

  • CVE-2022-32792 – An out-of-bounds write issue was addressed with improved input validation.

The company also addressed several arbitrary code execution flaws impacting Neural Engine, Audio, GPU Drivers, ImageIO, and Kernel.

Users should upgrade their devices by installing iOS 15.6, iPadOS 15.6, macOS (Monterey 12.5, Big Sur 11.6.8, and 2022-005 Catalina), tvOS 15.6, and watchOS 8.7.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, arbitrary code execution)

The post Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source