Manzana has released two security patches for its iOS 15, iPadOS 15 and MacOS Monterey operating systems that correct two vulnerabilities located in WebKit and Kernel that would have been actively exploited.
A vulnerability present in the kernelthe kernel of the operating system, allows an application to execute arbitrary code with kernel privileges, as the technology company has indicated on its Support page.
Identified as CVE-2022-32894, it affects iOS 15, iPadOS 15 and MacOS Monterey, three systems that also present a second vulnerability (CVE-2022-32893), this time in WebKit, the browser engine that Safari runs on. Because of it, malicious web content could also lead to the execution of arbitrary code on the devices that access it.
Apple is aware that both vulnerabilities would have been actively exploited, and for this reason it has released two security patches (MacOS Monterey 12.5.1 and iOS/iPadOS 15.6.1), which it urges to install on iPhone 6s and later models, all iPad Pros, on iPad Air 2 and later models, iPad of 5th generation and later, iPad mini 4 and later, and iPod touch 7th generation.
Source: Europa Press
