Apple Fixes New Zero-Day Bug Being Actively Exploited by Hackers

Apple has fixed fresh vulnerabilities in iOS and macOS, including a zero-day flaw being actively exploited by hackers. The zero-day flaw, known as CVE-2022-32917, allows a malicious app to run arbitrary code on an affected device with kernel privileges.

Apple Fixes New Zero-Day Bug Being Actively Exploited by Hackers
Apple (Photo Credits: Apple)

New Delhi: Apple has fixed fresh vulnerabilities in iOS and macOS, including a zero-day flaw being actively exploited by hackers. The zero-day flaw, known as CVE-2022-32917, allows a malicious app to run arbitrary code on an affected device with kernel privileges, Apple said in a security update. Apple fixed the bug in updates for iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6 and macOS Big Sur 11.7. Apple WatchOS 9 With New Watch Faces, Health Features Released.

Apple warned that it is aware that this flaw "may have been actively exploited". According to TechCrunch, this is the eighth zero-day vulnerability fixed by Apple this year. In addition to these fixes, Apple also released a fix for a Safari browser flaw that could lead to address bar spoofing.

The security fixes were released along with iOS 16, which brings several security and privacy features, including support for Apple Passkeys and Lockdown Mode.

"Keeping your software up to date is one of the most important things you can do to maintain your Apple product's security," said the company. After a software update is installed for iOS, iPadOS, tvOS, and watchOS, it cannot be downgraded to the previous version.

Last month, Apple released new software updates for iPhones, iPads and Macs to fix two security vulnerabilities known by the tech giant to be actively exploited by attackers.

The two vulnerabilities were found in WebKit, the browser engine that powers Safari and other apps, and the kernel, essentially the operating system's core. The tech giant had said the WebKit bug could be exploited if a vulnerable device accessed or processed "maliciously crafted web content (that) may lead to arbitrary code execution".

(The above story first appeared on LatestLY on Sep 14, 2022 10:46 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).

Share Now

You Might Also Like

YouTube Ends Support for Older iPhones and iPads Running Old Version of iOS, iPadOS Ahead of Apple WWDC25; Check List of Devices Affected and Other Options

WhatsApp New Feature Update: Meta-Owned Platform Rolls Out ‘Photo and Video Message Animation’ Feature to Android Beta Testers, Coming to Final Users Soon; Check Details

National Cheese Day 2025 Recipes: From Grilled Cheese Sandwich to Caprese Salad, Delicious Food Items To Prepare and Celebrate the Cheesy Day

iPhone 17 Pro Max: Apple To Launch Its Most Premium Smartphone With A19 Pro Chipset, Advanced Features and Major Design Upgrade; Check Expected Price, Specifications and Features

Share Us Share Now