This year, Apple released security updates for their third zero-day vulnerability. The affected software processes maliciously crafted web content, leading to arbitrary code execution in WebKit, which is a component included in multiple products.
The recent updates for macOS and other Apple products include the fix for this vulnerability. It is named Use After Free exploit and is tracked as CVE-2022-22620 . As on February 2022, it is being actively exploited by malicious users across the globe.
Zero-Day (CVE-2022-22620)
Apple’s February security update fixed a critical zero-day vulnerability exploited in the wild. The vulnerability allows an attacker to send malicious web content leading to arbitrary code execution. It was discovered and reported by an anonymous researcher.
Affected OS:
macOS Monterey 12.2.1
iOS 15.3.1 and iPadOS 15.3.1
Safari 15.3*
Affected features: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution.
CVEs: CVE-2022-22620
Solution
SanerNow VM and SanerNow PM detects the vulnerability and automatically fixes it by applying security update. Use SanerNow and keep your systems updated and secure.