New macOS 12.5.1 and iOS 15.6.1 updates patch “actively exploited” vulnerabilities
Apple has launched a trio of working system updates to patch safety vulnerabilities that it says “could have been actively exploited.” The New macOS 12.5.1 and iOS 15.6.1 updates can be found for obtain now and ought to be put in as quickly as doable.
The three updates all repair the identical pair of bugs. One, labeled CVE-2022-32894, is a kernel vulnerability that may enable apps “to execute arbitrary code with kernel privileges. The opposite, CVE-2022-32893, is a WebKit bug that permits for arbitrary code execution by way of “maliciously crafted internet content material.” Each discovery are attributed to an nameless safety researcher. WebKit is used within the Safari browser in addition to in apps like Mail that use Apple’s WebViews to render and show content material.
Apple did not launch equal safety patches for macOS Catalina or Large Sur, two older variations of macOS which are nonetheless receiving common safety updates. We have contacted Apple to see whether or not it plans to launch these patches for these older OSes, or if they don’t seem to be affected by the bugs and do not have to be patched.
Apple’s software program launch notes for the updates do not reference some other fixes or options. Apple is actively growing iOS 16, iPadOS 16, and macOS Ventura, and people updates are due out later this fall.