Blog

Apple Released Zero Day Hack Fix For Devices And Computers

Apr 25, 2022 | Blog

If you’re an Apple user and you have an iPhone, a Mac, or both, you’ll want to grab the company’s most recent security update.

The latest release pushes out fixes for a pair of zero-day vulnerabilities that researchers have seen actively exploited in the wild.

The flaws in question are being tracked as CVE-2022-22674 and CVE-2022-22675 respectively. The former is an out-of-bounds write issue in an Intel Graphics driver and the latter is an out-of-bounds-read issue in the AppleAVD media decoder that would allow an attacker to execute arbitrary code with kernel privileges.

Impacted devices include the iPhone 6S and newer, the iPad Pro (all models), the iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and the iPod Touch (7th generation).  Also note that users with Macs running macOS Monterey are at risk.

To make sure you’re protected download and install the iOS 15.4.1, the iPadOS 15.4.1, or the macOS Montery 12.3.1 update as appropriate for your device.

It’s still early in 2022 and so far, Apple has pushed out three zero-day patches this year resolving a total of five different zero-day issues.

In January 2022, the company’s first zero-day patch was pushed out resolving CVE-2022-22587 and CVE-2022-22594. Those allowed attackers to execute arbitrary code with kernel privileges and track web browsing activity in real time.

Then in February, Apple released another patch to address a new zero-day exploit that allowed attackers to hack iPhones, iPads, and Macs, leading to OS crashes and arbitrary code execution.

It appears 2022 is shaping up a lot like 2021.  Last year, Apple faced a seemingly endless stream of zero-day exploits and spent much of the year busily pushing fixes out the door.  Here’s hoping this year will be at least somewhat calmer on that front!

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech