Apple has provided security fixes to tackle a age-old vulnerability that threat players can exploit in attacks on Mac and Apple Watch. Age vulnerabilities are security issues that the software provider is unaware of and does not patch. In some cases, before a remedy is released, this type of weakness may include obvious evidence-based misconduct or be involved in the conflict. Apple acknowledges in a security warning issued on Monday that it is aware of claims that this security breach “may have been misused.”
Third-party web crawlers access what you type before sending. The error is an external script (CVE-2022-22675) in AppleAVD (kernel extension for audio and video conversion) that allows applications to run arbitrary code with kernel benefits. The bug is reported by widget researchers and fixed by Apple in macOS Big Sur 11.6., WatchOS 8.6, and tvOS 15.5 with a review of advanced versions.
List of devices affected with Apple Watch Series 3 or later, Macs running macOS Big Sur, Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD. While Apple has highlighted reports of abuse in the wild, it has not released any additional information about these attacks. By retaining information, the company can aim to allow security updates to reach as many Apple and Macs users as possible before hackers retrieve up-to-date information and begin deploying deployments in other attacks.
Although this age is most likely possible in targeted attacks, it is also highly recommended to install today macOS and watchOS security updates as soon as possible to prevent attack attempts. In January, Apple saved the other two days it spent in the wild to allow hackers to get arbitrary code execution with kernel benefits (CVE-2022-22587) and track web browsing activity and user identities in real time real (CVE-2022-22594).
A month later, Apple launched security updates from a new patch-bug bug (CVE-2022-22620) used to hack iPhones, iPads, and Macs, leading to OS crashes and remote code execution on the hacked Apple device. In March, the dual-core platform was powered by Intel Graphics Driver (CVE-2022-22674) and AppleAVD media decoder (CVE-2022-22675), the latter being back today in older versions of macOS, at watchOS 8.6, and in tvOS 15.5.
These five teens are affecting iPhones (iPhone 6s and up), Macs running MacOS Monterey, and several iPad models. Over the past year, the company has also erased a long list of teenagers used in the wild to target iOS, iPadOS, and macOS devices. Sergiu Gatlan is a reporter who covers cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade. Email or Twitter DMs for suggestions.