Do you own a device running macOS Monterey 12.5.1, or iOS/iPadOS 15.6.1? If so, you’ll want to download and install the latest patches as soon as possible. Apple recently released a small but critical security update aimed at fixing a pair of serious vulnerabilities that could allow an attacker to execute arbitrary code on an unpatched device.
The two issues addressed by this patch are tracked as CVE-2022-32894 and CVE-2022-32893. The former is a flaw that allows an attacker to gain kernel-level privileges and execute arbitrary code. The second is a WebKit flaw that allows poisoned web pages to run arbitrary code. If you’re not familiar with it, WebKit is the platform that Apple’s Mail app, Safari, and all of its iOS web browsers rest on. Don’t expect much in the way of details from the patch release notes. You won’t find any. The only thing the latest security update does is patch to close these two security flaws.
If you own an Apple watch, also be aware that watchOS 8.7.1 has also been recently released, though when it was released, it was done without accompanying patch notes so we’re not certain whether or not this release is related to the security flaws referenced above or not.
While Apple has already fixed the issues with Monterey, some older versions of MacOS have yet to be patched. It is not currently known whether these versions are vulnerable or not, so be sure to keep an eye out for new releases if you are running older versions of MacOS.