Apple releases macOS 11.7.6, macOS 12.6.5 and iOS 15.7.5 to fix 0-day issues
The iOS 15.7.5, iPadOS 15.7.5, macOS 11.7.6, macOS 12.6.5 updates are now available for older iPhones, iPads and Mac computers. The updates fix a couple of 0-day security issues that were fixed recently in the current versions of the operating systems.
In case you missed it, the Cupertino company rolled out the iOS 16.4.1, iPadOS 16.4.1, and macOS Ventura 13.3.1 updates over the last weekend to patch two vulnerabilities. It is worth noting that the company had confirmed that these flaws were actively exploited by hackers. Apple credited two security researchers, Clément Lecigne of Google's Threat Analysis Group, and Donncha Ó Cearbhaill of Amnesty International’s Security Lab, for discovering the vulnerabilities, and reporting them to the Silicon Valley giant.
It is not unusual for Apple to release updates for legacy devices that no longer receive software updates. The company rolls out emergency updates for old phones and Macs in the event of serious security issues, and given that the two bugs were known to be targeted by threat actors, Apple had to act quickly in order to patch the flaws to keep users safe from attacks.
macOS Big Sur 11.7.6 and macOS Monterey 12.6.5
In my previous article, I had mentioned that Apple fixed a security issue that affected its browser. The loophole was mitigated in the Safari 16.4.1. The WebKit vulnerability, which is referenced as CVE-2023-28205, could have been exploited by malicious web pages to run remote code on an affected device. Apple notes that the use after free issue was fixed by improving the memory management.
The macOS Big Sur 11.7.6 and macOS Monterey 12.6.5 updates also include a patch for the other security flaw, that has been listed as CVE-2023-28206. This bug affected the IOSurfaceAccelerator, and could have been used to allow the execution of arbitrary code with kernel privileges. Apple says that it patched the out-of-bounds write issue with improved input validation. You can read the official release notes for macOS Big Sur and Monterey for more details.
iOS 15.7.5 and iPadOS 15.7.5
The latest iOS 15 and iPadOS 15 updates include fixes for both of the aforementioned security issues. The iOS 15.7.5 update is available for the iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation) and iPod touch (7th generation). The iPadOS 15.7.5 is available for the iPad Air 2, and the iPad mini (4th generation).
It is recommended to install the update on your iPhone, iPad or Mac as soon as possible to secure your device, and protect your data. Go to the Settings > General > Software Update page to run a manual check for updates, and install it.
While it is nice to see Apple patch its old operating systems, the company is planning to shut down access to its online services (except iCloud) next month, on many legacy versions of iOS, macOS, watchOS, and tvOS. To be fair, the operating systems are quite old, as are the devices that run on them. You may want to take a look at the Open Core Legacy Patcher to install macOS 13 Ventura on your unsupported Mac, this will allow you to keep using the services.
