Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. One of the vulnerabilities (CVE-2022-22587), which affects the IOMobileFrameBuffer and could allow a malicious application to execute arbitrary code with kernel privileges, is being actively exploited in the wild.

Remediation advice

Affected organisations are encouraged to review the Apple Security Updates page and apply the necessary updates.

Remediation steps

Type	Step
Patch	iOS 15.3 and iPadOS 15.3 https://support.apple.com/en-gb/HT213053
Patch	macOS Monterey 12.2 https://support.apple.com/en-gb/HT213054
Patch	macOS Big Sur 11.6.3 https://support.apple.com/en-gb/HT213055
Patch	Security Update 2022-001 Catalina https://support.apple.com/en-gb/HT213056
Patch	tvOS 15.3 https://support.apple.com/en-gb/HT213057
Patch	watchOS 8.4 https://support.apple.com/en-gb/HT213059
Patch	Safari 15.3 https://support.apple.com/en-gb/HT213058

Last edited: 27 January 2022 1:52 pm