iOS 15.6.1 fixes two security vulnerabilities that were actively exploited
in the wild
Chance Miller
Apple released iOS 15.6.1 to iPhone and iPad users this afternoon. The
initial release notes did not specify what exactly had changed, other than
Apple saying the update provides important security updates and is
recommended for all users.
According to Apple, iOS 15.6.1 fixes two major vulnerabilities that were
both exploited in the wild. Both of these vulnerabilities impacted every
iPhone and iPad model capable of running iOS 15.
The first vulnerability could have allowed an application to execute
arbitrary code with kernel privileges. The second vulnerability was in
WebKit, the browser engine that powers Safari and all third-party browsers
on iOS. For this vulnerability, Apple says that processing maliciously
crafted web content may lead to arbitrary code execution.
Here are the full details according to Apple:
Impact: An application may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds
checking.
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and
later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch
(7th generation)
Update to iOS 15.6.1 now With two major security fixes, we recommend all
iPhone users update to iOS 15.6.1 immediately and all iPad users update to
iPadOS 15.6.1. You can do so by heading to the Settings app, choosing
General, then choosing Software Update.
macOS Monterey 12.5.1 now available with security fixes
José Adorno
Alongside iOS 15.6.1, Apple is also releasing macOS Monterey 12.5.1. It
fixes two important security issues that have been actively exploited. This
could be one of the latest Monterey updates as Apple readies macOS 13
Ventura.
Todays build is 21G83. In the release notes, Apple says, This update is
recommended for all users and improves the security of macOS.
According to Apple, macOS Monterey 12.5.1 fixes two important bugs that
affected the Kernel and WebKit. Here they are:
block quote
Kernel:
Impact: An application may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds
checking.
WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was addressed with improved bounds
checking.
The last update macOS Monterey had, apart from this one, was 12.5; Apple
seeded it nearly a month ago.
Different from other big macOS updates, macOS 12.5 brought two new features:
TV app adds the option to restart a live sports game already in-progress
and pause, rewind, or fast-forward
Fixes an issue in Safari where a tab may revert back to a previous page
macOS Monterey 12.5 also fixed a problem found on Apple Books, as previously
reported by 9to5Mac.
As Apple is mid-cycle through beta testing iOS 16, iPadOS 16, macOS 13
Ventura, watchOS 9, and tvOS 16, peoples focus is on these new operating
systems, expected to launch later this fall and that are also available to
public beta testers as well.
Apple is bringing continuity features across these new systems. iOS 16 has a
new Lock Screen, iPadOS 16 and macOS Ventura bring new multitasking
capabilities, watchOS 9 is revamping Watch Faces, while tvOS 16 was nearly
forgotten by Apple.
===========================================================
The fb-exchange mailing list
Manage account,
List Page: https://www.freelists.org/list/fb-exchange
Subscribe: mailto:fb-exchange-request@xxxxxxxxxxxxx?Subject=subscribe
Unsubscribe: mailto:fb-exchange-request@xxxxxxxxxxxxx?Subject=unsubscribe
Archive: https://www.freelists.org/archive/fb-exchange
Administrative contact: insight@xxxxxxxxxxxxxxxxxxxx
===========================================================
