Skip to content

Apple fixes 0-day exploited since January alongwith iOS 16 update

Apple has released security updates addressing another zero-day, the eighth one this year, that has been exploited to attack iPhones and Macs since the beginning of the year. The vulnerability tracked as CVE-2022-32917 allowed maliciously made apps to run arbitrary code with kernel privileges. 

The flaw was reported to Apple by an anonymous researcher and has been fixed in  iOS 15.7 and iPadOS 15.7macOS Monterey 12.6, and macOS Big Sur 11.7 which introduces improved bounds checks. Additionally, the next big iPhone update, iOS 16 is also available starting September 12.

While Apple has confirmed that it knows about the vulnerability currently being exploited in the wild, the company hasn’t revealed any details about the attack vector or how it is actually being exploited. This is usually done to allow most customers to update their devices before additional threat actors can develop their own exploits to target unsuspecting users. 

Apple fixes 0-day exploited since January alongwith iOS 16 update
iOS 16 is also available starting September 12 for iPhone 8 and later. | Source: Apple

The impacted devices include the following.

  • iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation
  • and Macs running macOS Big Sur 11.7 and macOS Monterey 12.6

Patches for another zero-day vulnerability tracked as CVE-2022-32894 were also released for Macs running macOS Big Sur 11.7 after the bug was previously fixed on iOS in an August 31 update. 

The zero-day fixed in the latest update is likely to be used in highly targeted attacks meaning while it won’t impact a majority of Apple users, it’s still recommended that users update to the latest iOS, iPadOS and macOS versions to fend off any potential attacks. 

iPhone’s next big update iOS 16 is also available starting September 12 for iPhone 8 and later. The update was announced at WWDC earlier this year and brings major improvements to the lock screen, iMessage, Photos, Maps and improved privacy features.

In the News: Shikitega Linux malware uses multi-stage deployment to avoid detection

Hello There!

If you like what you read, please support our publication by sharing it with your friends, family and colleagues. We're an ad-supported publication. So, if you're running an Adblocker, we humbly request you to whitelist us.

We may earn a commission if you buy something from a link on this page. Thanks for your support.







>