iPhone and Mac users will want to download and install the latest security updates from Apple as the company has patched a zero-day vulnerability that has been exploited in attacks since the beginning of this year.
As reported by BleepingComputer(opens in new tab), the iPhone maker released a set of security advisories(opens in new tab) revealing that the company is aware of reports that this new security flaw “may have been actively exploited’ by hackers.
The zero-day vulnerability, tracked as CVE-2022-32917 and discovered by an anonymous researcher, could allow malicious apps to execute arbitrary code with kernel privileges. Fortunately, Apple has addressed this security flaw with the release of iOS 15.7, iPadOS 15.7, macOS Monterey 12.6 and macOS Big Sur 11.7 through improved bound checks.
Busy patching zero-days
In addition to this latest zero-day, Apple has also backported patches for another zero-day (tracked as CVE-2022-32894) to Macs running macOS Big Sur 11.7. Security updates were released back in August to patch the issue on older iPhones and iPads.
In fact, Apple has been quite busy patching zero-day vulnerabilities this year with seven others fixed so far.
At the beginning of the year in January, the company patched two zero-days that enabled code execution with kernel privileges and web browsing activity tracking. Then in February, Apple released fixes for another WebKit zero-day being used in attacks against iPhones, iPads and Macs. In March, the company patched a zero-day in the Intel Graphics Driver and AppleAVD. Finally, in August, Apple patched two zero-day flaws in the iOS Kernel and WebKit.
Updating to iOS 16 will keep you protected
If you’re concerned about your iPhone being attacked by exploits using this recently patched zero-day vulnerability, then your best bet is to update to iOS 16. Thankfully, we have a guide on how to download iOS 16 ready to go, so you can ensure your iPhone is running the latest software from Apple.
Leave a Reply