Apple has patched a major zero-day vulnerability being used in the wild against Mac devices and Apple Watches, the company has confirmed.
As reported by BleepingComputer, an unidentified cybersecurity researcher notified Apple of an out-of-bounds write issue in the AppleAVD (audio and video decoding kernel extension), which was abused by threat actors to execute arbitrary code with elevated privileges.
The flaw (tracked as CVE-2022-22675) was fixed in three separate operating systems – macOS Big Sur 11.6, watchOS 8.6, and tvOS 15.5. Besides macOS endpoints running Big Sur, affected devices include Apple TV 4K devices, Apple TV 4K second-gen devices and Apple TV HD devices, as well as Apple Watch Series 3 or newer.
Keeping crooks in the dark
Apple is being relatively tight-lipped on the flaw, not releasing any additional details. In all likelihood, this is due to the fact that it can be exploited with relative ease, and therefore Apple wants to give admins a head start for patching, before the majority of threat actors pick up on it.
Apple has been hard at work, patching this particular flaw for various devices and operating systems.
A month ago, it was reported that the company released fixes for the same issue for practically all iPhone and iPad models.
At the time, users were urged to update their operating systems to the newest version as soon as possible, which was iOS 15.4.1, iPadOS 15.4.1, and macOS Monterey 12.3.1.
And this is hardly the only zero-day the company addressed recently. In March, Apple fixed CVE-2022-22674, while in January, it patched two zero-days – CVE-2022-2587 and CVE-2022-22594.
Via BleepingComputer
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba