Tech News

Users with iPhone, iPad and Mac must urgently download the latest security patch

In view of threats against macOS Monterey and iOS and iPadOSTOpple released a patch this week to correct two zero-day vulnerabilities, according to the Cupertino company.

[article_mb_code]

It was on Thursday when they made the announcement, assuring that they will remain aware of the possibility that the vulnerabilities could be actively exploited by attackers in malicious campaigns.

It’s about the CVE-2022-22675 and CVE-2022-22674. The former only affects iOS and iPadOS, but both are present in macOS. As reported by Apple, the updates are 15.4.1 for iOS and iPadOS, and 12.3.1 for macOS Monterey.

[article_mb_code]

According to ESET, regarding the impact of the vulnerabilities, CVE-2022-22674 affects only macOS Monterey and lies in the Intel Graphic Driver. The bug consists of an “out-of-bounds” reading problem, that is, outside the limits, which if exploited would allow an application to read kernel memory.

In the case of CVE-2022-22675, in addition to macOS Monterey, it also affects iPhone 6s and earlier, all iPad Pro models, iPad Air 2 and earlier, iPad 5th generation and earlier, iPad mini 4 and earlier, and iPad touch 7th generation.

[article_mb_code]

The vulnerability lies in AppleAVD, which is Apple’s framework for decoding audio and video, and allows an attacker to execute arbitrary code with kernel privileges, which it involves can execute any command on the vulnerable computer.

While Apple disclosed that it is aware of the possibility that both vulnerabilities are being exploited by threat actors in malicious campaigns, it did not reveal many details.

It should be noted that zero-day threats They are not the first that Apple patches so far in 2022. In February the company released an update to fix CVE-2022-22620 affecting iOS, iPadOS and macOS that allowed remote code execution; and before this failure, it had patched two other vulnerabilities that allowed the execution of arbitrary code, such as CVE-2022-22594 and CVE-2022-22587.

How to get the security patch

[article_mb_code]

To avoid being a victim of any vulnerability, it is best for users to update their devices as soon as possible to keep their computers safe with the latest security patches.

Generally, users automatically receive a message announcing that the update is available. In this case, just press “Install Now”.

Those who have not yet received the notification, they should connect the device to the charger, activate WLAN and go to “Settings / General / Software update”. Then, they only have to press “Download and install”.

Apple introduced iPhone SE and iPad Air with 5G connectivity

Apple introduced a new version of the iPhone SE and the fifth generation of the iPad Air. The new 4.7-inch iPhone SE 3 maintains its similar design to the iPhone 6, while the new 10.9-inch iPad Air is visually closer to the iPad Pro. Both devices have been updated with 5G connectivity, function that is offered as an option on the iPad.

The iPhone SE 3 incorporates the same A15 Bionic processor that the iPhone 13 carries. According to Apple, the chip manages to improve the performance and functions of the camera, as well as guarantee a longer battery life.

The fifth generation iPad Air has a octa-core M1 chip already known in Mac computers. Through this, the manufacturer promises up to 60 percent more power than that offered by the A14 chip of the predecessor model.

(With information from agencies)

Tags
Back to top button