{"id":20086,"date":"2022-09-13T16:10:58","date_gmt":"2022-09-14T00:10:58","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/09\/13\/news-13819\/"},"modified":"2022-09-13T16:10:58","modified_gmt":"2022-09-14T00:10:58","slug":"news-13819","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/09\/13\/news-13819\/","title":{"rendered":"Important update! iPhones, Macs, and more vulnerable to zero-day bug"},"content":{"rendered":"<p>On Monday, Apple released a long list of patched vulnerabilities to its software, including&nbsp;a new zero-day flaw affecting Macs and iPhones. The company revealed it&#8217;s aware that threat actors may have been actively exploiting this vulnerability, which is tracked as&nbsp;<strong><a href=\"https:\/\/cve.report\/CVE-2022-32917\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-32917<\/a><\/strong>.<\/p>\n<p>As it&#8217;s a zero-day, nothing much is said about CVE-2022-32917, only that it may allow malformed applications to execute potentially malicious code with kernel privileges. Apple says it&#8217;s patched this flaw with improved bounds checks. Below is a list of products this bug affects:<\/p>\n<ul>\n<li>Macs running&nbsp;<a href=\"https:\/\/support.apple.com\/en-us\/HT213444\" target=\"_blank\" rel=\"noreferrer noopener\">macOS Monterey 12.6<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/support.apple.com\/en-us\/HT213443\" target=\"_blank\" rel=\"noreferrer noopener\">macOS Big Sur 11.7<\/a><\/li>\n<li>iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/li>\n<\/ul>\n<p>CVE-2022-32917 is the eighth zero-day flaw that Apple has addressed since the beginning of 2022. The first seven are as follows:<\/p>\n<ul>\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/cve.report\/CVE-2022-32894\" target=\"_blank\">CVE-2022-32894<\/a>, a flaw in the iOS Kernel, was patched in August<\/li>\n<li><a rel=\"noreferrer noopener\" href=\"https:\/\/cve.report\/CVE-2022-32893\" target=\"_blank\">CVE-2022-32893<\/a>, a flaw in WebKit, was patched in August<\/li>\n<li><a href=\"https:\/\/cve.report\/CVE-2022-22674\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-22674<\/a>, an Intel Graphics Driver bug, was patched in March<\/li>\n<li><a href=\"https:\/\/cve.report\/CVE-2022-22675\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-22675<\/a>, a bug in AppleACD, was patched in March<\/li>\n<li><a href=\"https:\/\/cve.report\/CVE-2022-22620\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-22620<\/a>, a WebKit bug affecting iPhones, Macs, and iPads, was patched in February<\/li>\n<li><a href=\"https:\/\/cve.report\/CVE-2022-22587\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-22587<\/a>, a privileged code execution flaw, was patched in January<\/li>\n<li><a href=\"https:\/\/cve.report\/CVE-2022-22594\" target=\"_blank\" rel=\"noreferrer noopener\">CVE-2022-22594<\/a>, a web browser activity tracking flaw, was patched in January<\/li>\n<\/ul>\n<p>As this latest vulnerability is already being exploited, it&#8217;s really important that you update your devices as soon as you can. Stay safe!<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2022\/09\/update-now-apple-devices-are-exposed-to-a-new-zero-day-flaw\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<table cellpadding='10'>\n<tr>\n<td valign='top' align='left'>\n<p>Categories: <a href='https:\/\/www.malwarebytes.com\/blog\/category\/exploits-and-vulnerabilities' rel='category tag'>Exploits and vulnerabilities<\/a><\/p>\n<p>Categories: <a href='https:\/\/www.malwarebytes.com\/blog\/category\/news' rel='category tag'>News<\/a><\/p>\n<p>Apple has patched an actively-exploited flaw that affects a host of devices and software, including iPhones, Macs, iPads, and iPod touch.<\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/www.malwarebytes.com\/blog\/news\/2022\/09\/update-now-apple-devices-are-exposed-to-a-new-zero-day-flaw' title='Important update! iPhones, Macs, and more vulnerable to zero-day bug'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel='nofollow' href='https:\/\/www.malwarebytes.com\/blog\/news\/2022\/09\/update-now-apple-devices-are-exposed-to-a-new-zero-day-flaw'>Important update! iPhones, Macs, and more vulnerable to zero-day bug<\/a> appeared first on <a rel='nofollow' href='https:\/\/www.malwarebytes.com'>Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[22783,32],"class_list":["post-20086","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-exploits-and-vulnerabilities","tag-news"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20086","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20086"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20086\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20086"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20086"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20086"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}