CVE-2022-22578 An issue with validation was fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4 and macOS Monterey 12.2.

This issue is fixed in iOS 15.4, watchOS 9.3, Xcode 9.3 and betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4 and macOS High Sierra 10.13.5. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4 and macOS High Sierra 10.13.5. An application bug allowed

References

- CVE-2022-22578
- "An application bug allowed a malicious app to bypass code signing."
- The bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows. An application bug allowed a malicious app to bypass code signing. This bug is fixed in iOS 15.4 and macOS High Sierra 10.13.5

What to do if you are affected by this?

If you are affected by this issue, please update your iOS or watchOS device software to the latest version. If you are a developer, please update your Xcode or Windows OS development toolkit to the latest beta.
To ensure that your apps remain secure on updated devices, please test and implement additional code signing validation routines for your apps.

What to do if you are still vulnerable?

If your device is still vulnerable, you'll need to update it to iOS 15.4, watchOS 9.4, Xcode 9.4, betas for Mac and Windows.

Timeline

Published on: 03/18/2022 18:15:00 UTC
Last modified on: 03/28/2022 16:44:00 UTC

References