Today Apple released the latest macOS update that addresses two zero-day vulnerabilities that have been exposed and potentially used by hackers in the wild. The vulnerabilities have been dubbed CVE-2022-22675, and CVE-2022-22674, with one possibly allowing criminals to run harmful code with kernel-level privileges. The exposure granting read access to kernel memory could allow some malicious programs to be installed on your system by said criminally-minded hackers.
One of the vulnerabilities only affects Mac laptops and desktops with Intel CPUs, so M1-series machines are in the clear for that one. The vulnerability is associated with the Intel Graphic driver, so if you have a machine using an Intel CPU, you should update it immediately. Apple claims that the new update macOS Monterey 12.3.1 will clamp down on these zero-day security flaws that tend to use arbitrary code executions linked to the maker’s audio and video Apple AVD, which is particularly vulnerable to zero-day exploits.
Apple has had to deal with five zero-day flaws so far in 2022 and not just in macOS but also in iOS and iPadOS. It looks like it will be a long year for Apple if these rapid zero-day attacks continue.
The recent update also included some fixes to nagging Bluetooth issues Mac users have been facing and external display issues. The new patch should fix the problem with the external display not turning on when connected to Macs via USB-C and Thunderbolt ports. The Bluetooth issue involved game controllers losing connection while playing music on the Mac. It’s also been addressed in this update, but then again, why would you ever attempt gaming on a Mac?
The updates for macOS, iOS, and iPadOS began rolling out yesterday and should be readily available for your Apple devices by going to Apple menu > System Preferences > Software Update.