Skip to the main content.

1 min read

Apple Updates Multiple Operating Systems

Apple has released a round of software updates for iOS, iPadOS, MacOS, and Safari and we highly recommend you install them as soon as possible. The updates patch kernel and WebKit flaws that could allow attackers to take over a device.

All devices running iOS and iPadOS 15.6, as well as macOS Monterey 12.5, are impacted by the vulnerability. The main flaw, CVE-2022-32894 impacts both mobile and desktop OS. CVE-2022-32894 is described by Apple as an "out-of-bounds write issue." This allows attackers to execute arbitrary code with kernel privileges via a compromised application.

Apple didn't give any examples but said the vulnerability has likely been exploited.

The second flaw, CVE-2022-32893, is a WebKit bug that also allows for "out of bound write issues." CVE-2022-32893 allows for the processing of "maliciously crafted web content that can lead to code execution." Apple said this CVE is also likely to have been exploited.

Both flaws offer attackers a near Pegasus-like amount of control over an end-users device if exploited correctly. Pegasus is software created by the Israeli-based NSO Group that's been compromising iPhones the world over. We've previously covered that here and here.

You can read more about Apple's security updates on this webpage:

1 min read

WEBINAR: Email Security that Doesn't Suck - September 28th, at 12 p.m.

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to...

Read More

SMEs and SMBs are More Vulnerable to Cyberattacks...

One of the most important truths we've discovered since opening the doors here at Security 7 Networks is that Small-to-medium sized businesses (SMBs)...

Read More

Cloudflare Blocks Kiwi Farms...

Security7 Networks has long prided itself on its relationship with Cloudflare. We've championed Cloudflare, not only for its decision-making process...

Read More