Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices

Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices.

Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure.

Below is the list of Apple security updates:

Name and information link	Available for	Release date
Safari 15.6	macOS Big Sur and macOS Catalina	20 Jul 2022
watchOS 8.7	Apple Watch Series 3 and later	20 Jul 2022
Security Update 2022-005 Catalina	macOS Catalina	20 Jul 2022
macOS Big Sur 11.6.8	macOS Big Sur	20 Jul 2022
macOS Monterey 12.5	macOS Monterey	20 Jul 2022
tvOS 15.6	Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD	20 Jul 2022

One of the most severe issues addressed by the IT giant is a heap buffer overflow tracked as CVE-2022-2294. The vulnerability resides in the Web Real-Time Communications (WebRTC) component and was discovered by Google researchers who confirmed it is actively exploited in the wild in attacks aimed at Chrome users.

The vulnerability was reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01.

Another arbitrary code execution issue that was addressed by the company with the release of Safari 15.6 are:

• CVE-2022-32792 – An out-of-bounds write issue was addressed with improved input validation.

The company also addressed several arbitrary code execution flaws impacting Neural Engine, Audio, GPU Drivers, ImageIO, and Kernel.

Users should upgrade their devices by installing iOS 15.6, iPadOS 15.6, macOS (Monterey 12.5, Big Sur 11.6.8, and 2022-005 Catalina), tvOS 15.6, and watchOS 8.7.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, arbitrary code execution)

[adrotate banner=”5″]

[adrotate banner=”13″]