On Wednesday, Apple seeded iOS 15.6, macOS 12.5, and other software updates to the general public. While the new versions of operating systems don’t come with a lot of major features, the company has now revealed that iOS 15.6 and macOS 12.5 contains various critical security patches.
Apple doesn’t disclose vulnerabilities until it has fully investigated the matter and has patched the bug. After the release of iOS 15.6 earlier this week, the company published a new support page laying out several security patches that were bundled in the latest updates. Some of the vulnerabilities that have been fixed with the new version are (via AppleInsider):
- An issue with APFS could give an app with root privileges the ability to execute arbitrary code with kernel privileges. Fixed with improved memory handling. CVE-2022-32832
- A remote user may be able to cause kernel code execution thanks to a vulnerability with Apple AVD. A buffer overflow issue has been addressed with improved bounds checking as a fix. CVE-2022-32788
- An app may be able to gain root privileges through the AppleMobileFileIntegrity kernel extension. An authorization issue was addressed with improved state management. CVE-2022-32826
- An app may be able to execute arbitrary code with kernel privileges through the audio extension. An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820
- A remote user may cause an unexpected app termination or arbitrary code execution through the CoreText extension. The issue was addressed with improved bounds checks. CVE-2022-32839
While some security fixes are specific to the certain operating system, some of the vulnerabilities have been patched across all the OSes since they share a lot of code base and functionality. Apple says that users should update to the new version of iOS and macOS as soon as possible. Have you installed iOS 15.6 on your iPhone? Let us know in the comments section below!
Source: Apple