Apple Addresses Two Wildly Exploited Zero-Day Vulnerabilities!

Apple released an emergency update to address two zero-day vulnerabilities. The vulnerabilities are tracked as CVE-2022-32893 (out-of-bounds in WebKit) and CVE-2022-32894 (out-of-bounds issue in the operating system’s Kernel). This year apple addressed a total of 6 zero-day vulnerabilities. Therefore, a good vulnerability management tool can solve these issues.

The patch for this issue is included in recent releases for macOS and other Apple products. Apple is aware that threat actors use these vulnerabilities to exploit the wild. Apple has also released an update for watchOS (watchOS 8.7.1), but no CVE is associated with that update. However, A Vulnerability Management Software can prevent these attacks.

• CVE-2022-32893: Attackers use malicious websites which mislead iPhones, iPads, and Macs into running unapproved and untrusted software programs utilizing Apple’s HTML rendering software (WebKit) which will finally lead to remote code execution.

• CVE-2022-32894: An attack which has already access by using CVE-2022-32893 on an Apple device may move from managing just one app to manipulating the entire operating system kernel, however gaining superuser privileges typically only granted to Apple.

1. Spy on all running applications
2. Without visiting the App Store, download and launch new applications.
3. Modify the system security configurations
4. Monitor your web usage
5. Use the device’s cameras
6. Turn on the microphone
7. Capture screenshots
8. Find your geo-location

and much more.

1. Macs running macOS Monterey
2. iPhone 6s and later
3. iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini four and later, and iPod touch (7th generation).

1. macOS Monterey 12.5.1
2. iOS 15.6.1
3. iPadOS 15.6.1

SanerNow VMand SanerNow PM detect the vulnerabilities and automatically fixes them by applying the security update. Therefore, Use SanerNow and keep your systems updated and secure.