Latest iOS 15 and macOS 12 updates contain critical security patches
Nearly every operating system update contains fixes for security vulnerabilities, and the latest releases are no exception. Find out what has been patched by iOS 15.6, macOS 12.5, and the others.
Apple's updates provide critical patches for security vulnerabilities
Apple doesn't disclose or confirm security issues until an investigation has occurred and patches are made available. On Wednesday, Apple released a slew of updates for its devices to ensure continued secure and stable operation.
Apple released iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, and macOS Catalina 10.15.7 2022-005 with various security patches and other fixes. Due to Apple's operating systems sharing a lot of code base and functionality, a single fix can be applicable across every OS.
Most of the fixes are related to unauthorized permissions being granted to an attacker, app, or user. Several vulnerabilities were addressed across every operating system.
Users generally don't need to worry about specific fixes applied in an update. It is important to install an update as soon as practical balanced against the needs of mission-critical software to ensure device security is sound.
Those interested in detailed information about every security update can visit Apple's security update website.
Read on AppleInsider
Apple's updates provide critical patches for security vulnerabilities
Apple doesn't disclose or confirm security issues until an investigation has occurred and patches are made available. On Wednesday, Apple released a slew of updates for its devices to ensure continued secure and stable operation.
Apple released iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, and macOS Catalina 10.15.7 2022-005 with various security patches and other fixes. Due to Apple's operating systems sharing a lot of code base and functionality, a single fix can be applicable across every OS.
Most of the fixes are related to unauthorized permissions being granted to an attacker, app, or user. Several vulnerabilities were addressed across every operating system.
- An issue with APFS could give an app with root privileges the ability to execute arbitrary code with kernel privileges. Fixed with improved memory handling. CVE-2022-32832
- A remote user may be able to cause kernel code execution thanks to a vulnerability with Apple AVD. A buffer overflow issue was addressed with improved bounds checking as a fix. CVE-2022-32788
- An app may be able to gain root privileges through the AppleMobileFileIntegrity kernel extension. An authorization issue was addressed with improved state management. CVE-2022-32826
- An app may be able to execute arbitrary code with kernel privileges through the audio extension. An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820
- A remote user may cause an unexpected app termination or arbitrary code execution through the CoreText extension. The issue was addressed with improved bounds checks. CVE-2022-32839
Users generally don't need to worry about specific fixes applied in an update. It is important to install an update as soon as practical balanced against the needs of mission-critical software to ensure device security is sound.
Those interested in detailed information about every security update can visit Apple's security update website.
Read on AppleInsider
Comments
That's because not all updates are equal. If they're patching a serious, in-the-wild security issue, then benefits of updating ASAP outweigh the dangers. Especially if you're several versions in to a major release, as this is. If the security issues are serious, but not in-the-wild, then waiting a day or two may still be prudent. If there are no major security issues being fixed, and you're not experiencing any problems yourself, then waiting a week or more might even be appropriate.
I always back up before doing any updates you never know.
So how bad is this memory leak problem and what workaround can be done to fix it? Restart the phone? Force retstart (Apple isn't crazy about random forced restarts IIRC)? Or do we just hang tough until iOS 15.7 fixes the leak.