Skip to main content
Creating a new NHS England: NHS England and NHS Digital merged on 1 February 2023. More about the merger.

Apple Releases Security Updates for Multiple Products

The security updates include an exploited vulnerability targeting versions of iOS and iPadOS before 15.1

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

The security updates include an exploited vulnerability targeting versions of iOS and iPadOS before 15.1


Threat details

Introduction

Apple has released eight security updates to address vulnerabilities in multiple products. Apple is reporting exploitation of CVE-2022-42856, which impacts iOS and iPadOS. A remote attacker could exploit some of these vulnerabilities to take control of a vulnerable system.

Apple reports exploitation CVE-2022-42856

Apple has released a new security update to resolve an exploited vulnerability tracked as CVE-2022-42856 within iOS and iPadOS. The vulnerability could allow an attacker to execute arbitrary code on the device after processing maliciously crafted web content. This vulnerability could enable an attacker to execute malicious code on the device or to corrupt sensitive data.


Remediation advice

Affected organisations are encouraged to review the following Apple security advisories and apply any relevant updates or workarounds.


Remediation steps

Type Step
Patch

Safari 16.3 | HT213600


https://support.apple.com/en-gb/HT213600
Patch

macOS Monterey 12.6.3 | HT213604


https://support.apple.com/en-gb/HT213604
Patch

macOS Big Sur 11.7.3 | HT213603


https://support.apple.com/en-gb/HT213603
Patch

watchOS 9.3 | HT213599


https://support.apple.com/en-gb/HT213599
Patch

iOS 15.7.3 and iPadOS 15.7.3 | HT213598


https://support.apple.com/en-gb/HT213598
Patch

iOS 16.3 and iPadOS 16.3| HT213606


https://support.apple.com/en-gb/HT213606
Patch

iOS 12.5.7 | HT213597


https://support.apple.com/en-gb/HT213597
Patch

macOS Ventura 13.2 | HT213605


https://support.apple.com/en-gb/HT213605

Definitive source of threat updates


Last edited: 24 January 2023 2:28 pm