Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices

Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices.

Apple released security updates to fix 37 vulnerabilities impacting iOS, iPadOS, macOS, tvOS, and watchOS devices. The flaws addressed by Apple lead to arbitrary code execution, privilege escalation, denial-of-service (DoS), and information disclosure.

Below is the list of Apple security updates:

One of the most severe issues addressed by the IT giant is a heap buffer overflow tracked as CVE-2022-2294. The vulnerability resides in the Web Real-Time Communications (WebRTC) component and was discovered by Google researchers who confirmed it is actively exploited in the wild in attacks aimed at Chrome users.

The vulnerability was reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01.

Another arbitrary code execution issue that was addressed by the company with the release of Safari 15.6 are:

• CVE-2022-32792 – An out-of-bounds write issue was addressed with improved input validation.

The company also addressed several arbitrary code execution flaws impacting Neural Engine, Audio, GPU Drivers, ImageIO, and Kernel.

Users should upgrade their devices by installing iOS 15.6, iPadOS 15.6, macOS (Monterey 12.5, Big Sur 11.6.8, and 2022-005 Catalina), tvOS 15.6, and watchOS 8.7.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, arbitrary code execution)

The post Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices appeared first on Security Affairs.