Apple has released its January 2022 critical security updates for multiple products. A total of 16 vulnerabilities were addressed. Exploiting some of these security flaws could allow an attacker to take control of an affected system.
The release also includes patches for two critical zero-day bugs exploited by attackers in the wild. These vulnerabilities are tracked as CVE-2022-22587 and CVE-2022-22594. They affect macOS, iOS, iPadOS, and the Safari browser. Administrators of unpatched endpoints are advised to deploy the patches as soon as possible using any patch management tool.
The January 2022 update for macOS includes fixes for 16 vulnerabilities that could allow an attacker to execute arbitrary code with kernel privileges, gain access to restricted files, bypass privacy preferences, gain elevated privileges, corrupt kernel memory, etc. In addition, a total of 4 vulnerabilities have been fixed in Apple Safari. Successful exploitation of these vulnerabilities would allow attackers to conduct arbitrary code execution, sensitive information disclosure, and cross-site scripting attacks.
Zero-Day (CVE-2022-22587)
This January’s security update fixed a critical zero-day memory corruption vulnerability that was actively exploited in the wild. It exists in the IOMobileFrameBuffer component (a kernel extension) of macOS, iOS and iPadOS. The vulnerability allows an attacker to execute arbitrary code with kernel privileges. It was reported by security researchers Meysam Firouzi and Siddharth Aeri.
Zero-Day (CVE-2022-22594)
Another critical zero-day vulnerability, this one in the Safari browser, is also fixed in this January’s security update. It exists in the WebKit component of the Safari browser for macOS, iOS, and iPadOS. The flaw is due to a cross-origin issue in the IndexedDB API, which web browsers use to manage a NoSQL database of JSON objects. The vulnerability allows an attacker to track user browsing activity and identities in real time. It was reported by security researcher Martin Bajanik of FingerprintJS.
Apple Security Updates Summary for January 2022:
- Affected OS: macOS Big Sur and macOS Catalina
- Affected features: WebKit, WebKit Storage
- Impact: Information Disclosure, Cross-Site Scripting, Code Execution
- CVEs: CVE-2022-22590, CVE-2022-22592, CVE-2022-22589, CVE-2022-22594
- Affected OS: macOS Catalina, macOS Monterey, macOS Big Sur
- Affected features: Kernel, Model I/O, PackageKit, Sandbox, TCC, Audio, iCloud, IOMobileFrameBuffer, AMD Kernel, ColorSync, Crash Reporter, Intel Graphics Driver, WebKit, WebKit Storage
- Impact: Information Disclosure, Arbitrary Code Execution, Access Control Bypass, Privilege Escalation
- CVEs: CVE-2021-30946, CVE-2021-30960, CVE-2021-30972, CVE-2022-22578, CVE-2022-22579, CVE-2022-22583, CVE-2022-22584, CVE-2022-22585, CVE-2022-22586, CVE-2022-22587, CVE-2022-22589, CVE-2022-22590, CVE-2022-22591, CVE-2022-22592, CVE-2022-22593, CVE-2022-22594
- Affected devices: Apple TV 4K and Apple TV HD
- Affected features: ColorSync, Crash Reporter, iCloud, Kernel, Model I/O, WebKit, WebKit Storage
- Impact: Information Disclosure, Arbitrary Code Execution, Privilege Escalation, Cross-Site Scripting, Security Bypass
- CVEs: CVE-2022-22584, CVE-2022-22578, CVE-2022-22585, CVE-2022-22593, CVE-2022-22579, CVE-2022-22590, CVE-2022-22592, CVE-2022-22589, CVE-2022-22594
- Affected devices: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
- Affected features: ColorSync, Crash Reporter, iCloud, IOMobileFrameBuffer, Kernel, Model I/O, WebKit, WebKit Storage
- Impact: Arbitrary Code Execution, Privilege Escalation, Information Disclosure, Cross-Site Scripting, Access Bypass
- CVEs: CVE-2022-22584, CVE-2022-22578, CVE-2022-22585, CVE-2022-22587, CVE-2022-22593, CVE-2022-22579, CVE-2022-22589, CVE-2022-22590, CVE-2022-22592, CVE-2022-22594
- Affected devices: Apple Watch Series 3 and later
- Affected features: ColorSync, Crash Reporter, iCloud, Kernel, WebKit, WebKit Storage
- Impact: Arbitrary Code Execution, Privilege Escalation, Security Bypass, Cross-Site Scripting, Information Disclosure
- CVEs: CVE-2022-22584, CVE-2022-22578, CVE-2022-22585, CVE-2022-22593, CVE-2022-22590, CVE-2022-22592, CVE-2022-22594, CVE-2022-22589
SanerNow VM and SanerNow PM detect these vulnerabilities and automatically fix them by applying security updates. To conclude, use SanerNow and keep your systems updated and secure.