On Wednesday, Apple released macOS Monterey 12.5.1 with security patches for potentially exploited vulnerabilities in WebKit and the Kernel.
Apple provided some details about security patches included in the update. Reports indicate the patches may have been actively exploited, so users are urged to update as soon as possible.
One kernel vulnerability enabled an application to execute arbitrary code with kernel privileges. An out-of-bounds write issue was addressed with improved bounds checking. Reported under CVE-2022-32894 by an anonymous researcher.
One WebKit vulnerability enabled processed maliciously crafted web content to lead to arbitrary code execution. An out-of-bounds write issue was addressed with improved bounds checking. Reported under CVE-2022-32893 by an anonymous researcher and under WebKit Bugzilla 243557.
The build number for macOS 12.5.1 is 21G83 up from 21G72.
While other small updates are possible to macOS Monterey, the next major update, macOS Ventura, is expected to launch in the fall. It contains a new multitasking system called Stage Manager and a webcam feature called Continuity Camera.
Users with automatic updates enabled will see the update go through overnight over the next few days. Those who want to push the update through now can open System Preferences, and select "Software Update."