Latest iOS 15 and macOS 12 updates contain critical security patches

Nearly every operating system update contains fixes for security vulnerabilities, and the latest releases are no exception. Find out what has been patched by iOS 15.6, macOS 12.5, and the others.

Apple doesn't disclose or confirm security issues until an investigation has occurred and patches are made available. On Wednesday, Apple released a slew of updates for its devices to ensure continued secure and stable operation.

Apple released iOS 15.6, iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, macOS Big Sur 11.6.8, and macOS Catalina 10.15.7 2022-005 with various security patches and other fixes. Due to Apple's operating systems sharing a lot of code base and functionality, a single fix can be applicable across every OS.

Most of the fixes are related to unauthorized permissions being granted to an attacker, app, or user. Several vulnerabilities were addressed across every operating system.

An issue with APFS could give an app with root privileges the ability to execute arbitrary code with kernel privileges. Fixed with improved memory handling. CVE-2022-32832
A remote user may be able to cause kernel code execution thanks to a vulnerability with Apple AVD. A buffer overflow issue was addressed with improved bounds checking as a fix. CVE-2022-32788
An app may be able to gain root privileges through the AppleMobileFileIntegrity kernel extension. An authorization issue was addressed with improved state management. CVE-2022-32826
An app may be able to execute arbitrary code with kernel privileges through the audio extension. An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32820
A remote user may cause an unexpected app termination or arbitrary code execution through the CoreText extension. The issue was addressed with improved bounds checks. CVE-2022-32839

There are several more patches for each operating system, some specific to an individual OS. Apple generally discloses if any vulnerabilities are actively being used by exploits in the wild.

Users generally don't need to worry about specific fixes applied in an update. It is important to install an update as soon as practical balanced against the needs of mission-critical software to ensure device security is sound.

Those interested in detailed information about every security update can visit Apple's security update website.

Latest Exclusives

Latest comparisons

10 Comments

prof_intel 4 comments · 5 Years

About 2 years ago

What is Appleinsiders stance on updates? In one post it is wait a few days before installing and in this one it is install as soon a practically possible!?

twokatmew 48 comments · 5 Years

I'm not waiting. Retired IT security pro here. But they're your devices. 😊

bonobob 395 comments · 13 Years

Backing up first, then updating. If there's a problem with the new release, I can recover.

maltz 507 comments · 13 Years

prof_intel said:

What is Appleinsiders stance on updates? In one post it is wait a few days before installing and in this one it is install as soon a practically possible!?

That's because not all updates are equal. If they're patching a serious, in-the-wild security issue, then benefits of updating ASAP outweigh the dangers. Especially if you're several versions in to a major release, as this is. If the security issues are serious, but not in-the-wild, then waiting a day or two may still be prudent. If there are no major security issues being fixed, and you're not experiencing any problems yourself, then waiting a week or more might even be appropriate.

mwhite 287 comments · 9 Years

bonobob said:

Backing up first, then updating. If there's a problem with the new release, I can recover.

I always back up before doing any updates you never know.