Apple releases macOS Monterey 12.5.1, iOS 15.6.1 and iPadOS 15.6.1 with zero-day security fixes
Apple has released the macOS Monterey 12.5.1 update for eligible devices. It has been released along with iOS 15.6.1 and iPadOS 15.6.1 updates for supported iPhones and iPads.
What's new in the macOS Monterey 12.5.1 update?
Critical security fixes
There are no new features in this release, but the firmware ships with fixes for a couple of critical security issues. The first of the two vulnerabilities has been identified as CVE-2022-32894. This is a Kernel level security issue. It could be exploited to allow an application to execute arbitrary code with kernel privileges, and give an attacker total control of the system.
The second security issue has the reference number CVE-2022-32893. This bug affects the WebKit engine which, as you may know, is used by the browser and web apps. The vulnerability could potentially be used to inject maliciously crafted web content, which could then lead to arbitrary code execution. The issue has the tracking id 243557 on Webkit's Bugzilla. The page reveals more details than Apple's support page does, it tells us that the JavaScript issue was discovered earlier this month, and is related to bugs in the JSMap and JSSet.
Apple warns that the vulnerabilities may have been exploited
The official description given by Apple for both fixes indicate that an out-of-bounds write issue was addressed with improved bounds checking. The Cupertino company has warned that the 2 security vulnerabilities may have been actively exploited by hackers, though it did not reveal any further information about any incidents. In other words, these vulnerabilities were zero-day bugs. While that sounds dangerous, it is a good thing that Apple has plugged the security holes to stop threat actors from causing more damage. It is advisable to update your device to the latest patch as soon as possible to minimize the risk of attacks.
The macOS Monterey 12.5.1 update is about 1.18GB to download on the MacBook Air M1. It takes a good 30 minutes or so to be installed. Some users have reported that the update is around 2GB on their Macs.
iOS 15.6.1 and iPadOS 15.6.1 update
Coming to the iOS 15.6.1 and iPadOS 15.6.1 updates, they contain the same security fixes as the ones in the macOS version. The update is available for the iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
macOS Ventura could be released in October
A report by Mark Gurman on Bloomberg (paywalled article) claims that Apple is prepping to announce the iPhone 14 lineup on September 7th , followed by the release of the stable version of iOS on September 16th. We will have to wait a bit longer for macOS Ventura 13 to arrive, it is expected to be released sometime in October along with iPadOS. The rollout seems to have been delayed by a month as the company is working on fixing some bugs in Stage Manager. The update will bring a new feature called Lockdown mode, that is capable of preventing targeted spyware attacks.
Have you installed the latest update on your Mac, iPhone or iPad?
Good news for jailbreaking free from pome orchard!
Hi Ashwin,
I just wanted to say that I enjoy reading your articles.
macOS always looked so childish. Now Microsoft is trying to copy it. Sad.
What’s childish about macOS?
I mean I guess I know how I’ve been hacked so fucking hard now. That’s cool. Thanks so much apple for fucking helping me the 6 times I went to your store.
I am very satisfied and happy with OSX Mojave 10.4.6. It is stable and gives me everything I want.