Skip to main content

Apple Release Security Updates on Multiple Products


Scheduled updates for Apple products

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary


Scheduled updates for Apple products


Threat details

Introduction

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

A zero-day vulnerability tracked as CVE-2022-22675, is an out-of-bounds write issue in the AppleAVD (a kernel extension for audio and video decoding) that allows applications to execute arbitrary code with kernel privileges. 


Remediation advice

Affected organisations are encouraged to review the following Apple security advisory and apply any relevant updates or workarounds.


Remediation steps


Definitive source of threat updates


Last edited: 17 May 2022 3:53 pm