In the past few hours, Apple has released updates for a good number of its operating systems, which should be applied as soon as possible because they contain fixes for security flaws that may be known and actively exploited at this time. In detail we have macOS 12 .5.1, iOS and iPadOS 15 .6.1; then there is also watchOS 8.7.1, available only for Apple Watch Series 3, but there is no public changelog and we do not know if it is related to the same problems seen in other platforms.
Both macOS and iOS / iPadOS fix two bugs:
- CVE-2022-32893: Bug in WebKit, the web browser engine developed by Apple itself that is the basis of Safari on both Mac and iPhone / iPad and other Apple internet apps. WebKit is also the engine that all web browsers are forced to use on the iPad and iPhone. The bug allowed arbitrary code execution on the device via “purpose-built malicious web content”
- CVE-2022-32894: The kernel-level vulnerability that allows unauthorized apps to execute code with the same access privileges as the kernel
It is currently unclear whether previous versions of operating systems may be affected by the same flaw. For now, Apple has not released any indications (or patches) in this regard. Each user should soon receive a notification (if he has not already received it) that warns of the presence of a new update; however, we remind you that it is also possible to carry out a manual check in a few simple steps:
macOS
- Click on the Apple menu (apple symbol)
- Click on System Preferences
- Click on Software Updates
iOS/iPadOS
- Open the Settings app
- Choose the item General
- Choose Software Update