May 17, 2022
Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days
Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices.
Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6, including several arbitrary code execution and privilege escalation vulnerabilities, affecting several products.
The full updated products list can be found on the Apple security updates page.
The Zero-Days Vulnerabilities
The Zero-Days vulnerabilities are in macOS Big Sur 11.6.6, In 2 different drivers, having 2 CVEs:
- CVE-2022-22674– An out-of-bounds read issue, may lead to the disclosure of kernel memory.
- CVE-2022-22675 – An out-of-bounds write issue. may lead to arbitrary code execution with kernel privileges.
- tvOS prior to version 15.5.
CYREBRO updating relevant products up to the latest available releases in accordance with Apple’s advisory.
References: Apple Security Updates