Zero-day bug has been plaguing the Apple devices in 2022 and giving hackers access, but an Apple iPhone security flaw fix was released, this time for Safari.
Apple has updated Safari 15.6.1 for macOS Big Sur and Catalina to address a zero-day vulnerability that has been used to hijack Macs in the wild. The zero-day (CVE-2022-32893) corrected today is an out-of-bounds write problem in WebKit that might allow a threat actor to remotely execute malware on a susceptible device. In a security alert issued yesterday, Apple warned:
“Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited,”
Apple iPhone security flaw fix comes after the same issue reoccurs 7th time
An out-of-bounds write vulnerability is when an attacker may submit input to a program that causes it to write data past the end or before the beginning of a memory buffer. As a result, the software crashes and corrupts data, or, in the worst-case situation, executes remote code. Apple claims that they solved the fault by improving bounds checking. According to Apple, the vulnerability was discovered by an unnamed researcher.
This is the same zero-day vulnerability that Apple addressed yesterday for macOS Monterey and iPhone/iPads. Apple has not disclosed how the vulnerability is being exploited in attacks, only that it “may have been actively exploited.” This is Apple’s sixth zero-day vulnerability patched in 2022, with the prior problems listed below:
- Apple addressed two more zero-day issues in the Intel Graphics Driver (CVE-2022-22674) and AppleAVD in March (CVE-2022-22675).
- Apple fixed two additional actively exploited zero-day vulnerabilities in January, allowing attackers to execute code with kernel privileges (CVE-2022-22587) and track web surfing activities (CVE-2022-22594).
- Apple published security fixes in February to address a new zero-day problem that was used to attack iPhones, iPads, and Macs.
We hope that you enjoyed this article on Apple iPhone security flaw fix for zero-day bug has been released. If you did, we are sure that you will also enjoy reading some of our other articles, such as Apple might bring more ads to iPhone apps, or Zoom Mac vulnerability allows hackers to gain remote access.
