Apple fixes eighth zero-day used to hack iPhones and Macs this year



Apple has released security updates to address the eighth zero-day vulnerability used in attacks against iPhones and Macs since the start of the year.

In security advisories issued on Monday, Apple revealed they’re aware of reports saying this security flaw “may have been actively exploited.”

The bug (tracked as CVE-2022-32917) may allow maliciously crafted applications to execute arbitrary code with kernel privileges.

Reported to Apple by an anonymous researcher, it was addressed in iOS 15.7 and iPadOS 15.7macOS Monterey 12.6, and macOS Big Sur 11.7 with improved bounds checks.

Read more…