You are currently viewing Apple’s July 2022 Critical Security Updates

Apple’s July 2022 Critical Security Updates

Apple released security updates for several products in the Apple Security Updates in July 2022.  There are 75 vulnerabilities covering arbitrary code execution, privilege escalation, information leakage, and denial of service. 13 of the flaws in macOS  are extremely critical because they let an attacker run arbitrary code with kernel privileges. Three issues that could be used to execute arbitrary code and reveal information were also addressed in Safari.


Critical Vulnerabilities :

Due to problems with state management, memory handling, better locking, input validation, and checks, thirteen critical vulnerabilities affect macOS, tvOS, iOS, iPadOS, and watchOS and allow arbitrary code execution with kernel privileges.

CVE-2022-26768: Memory corruption vulnerability in  IOMobileFrameBuffer in iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad Mini 4 and later, and iPod touch (7th generation).

CVE-2022-32796: Memory corruption vulnerability in SMB in macOS Monterey.

CVE-2022-32810: Memory corruption vulnerability in Apple Neural Engine in  Apple Watch Series 4 and later, macOS Big Sur, macOS Monterey,  iOS and iPadOS.

CVE-2022-32811 and CVE-2022-32812:  Memory corruption in vulnerability in Intel Graphics Driver in macOS Catalina, macOS Big Sur, and macOS Monterey.

CVE-2022-32813 and CVE-2022-32815:  Arbitrary code execution vulnerability in kernel in macOS Catalina, macOS Monterey, macOS Big Sur, tvOS and , iOS and iPadOS.

CVE-2022-32814:  Type confusion vulnerability in Multi-Touch in macOS Monterey, tvOS, iOS and iPadOS, and Apple Watch Series 3 and later.

CVE-2022-32820: Out-of-bounds write vulnerability in  Audio in  Apple Watch Series 4 and later, macOS Catalina, macOS Big Sur, macOS Monterey and,  iOS and iPadOS.

CVE-2022-32821: Memory corruption vulnerability in GPU Drivers in  Apple Watch Series 4 and later, macOS Monterey and, iOS and iPadOS.

CVE-2022-32829: Arbitrary code execution vulnerability in kernel in macOS Monterey and, iOS and iPadOS.

CVE-2022-32832: Arbitrary code execution vulnerability in APFS  in macOS Catalina, macOS Monterey, macOS Big Sur, tvOS, iOS and, iPadOS and watchOS.

CVE-2022-32840: Arbitrary code execution vulnerability in Apple Neural Engine in macOS Monterey,  iOS and iPadOS and watchOS.


The July Apple updates addressed vulnerabilities in the following products



  • Product: Safari 15.6
  • Affected OS: macOS Big Sur and macOS Catalina
  • Affected features: Safari Extensions, WebRTC, WebKit
  • Impact: Arbitrary Code Execution, Information Disclosure
  • CVEs : CVE-2022-32784, CVE-2022-32792, CVE-2022-2294




 

4 1 vote
Article Rating
Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments