CVE-2022-32911 Memory handling was improved in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, and macOS Big Sur 11.7.
This can lead to remote exploitation of the app. To fix this issue, a secure boot environment is required. Your Mac or iOS device will only boot a signed firmware that is validated by Apple. An app that is being loaded from a non-signed source can be exploited with signed code. This can be done by injecting code into the loading of the app, which will be executed instead of the app. An app may be able to execute arbitrary code with kernel privileges. This can lead to remote exploitation of the app. To fix this issue, a secure boot environment is required. Your Mac or iOS device will only boot a signed firmware that is validated by Apple. An app that is being loaded from a nonred source can be exploited with signed code. This can be done by injecting code into the loading of the app, which will be executed instead of the app. An app may be able to bypass code signing requirements. This can lead to remote exploitation of the app. To fix this issue, a secure boot environment is required. Your Mac or iOS device will only boot a signed firmware that is validated by Apple. An app that is being loaded from a non-signed source can be exploited with signed code. This can be done by injecting code into the loading of the app, which will be executed instead of the app.
How to check if your iOS device is vulnerable?
If you are using an iOS device and have not updated in the last few days, it might be vulnerable to this issue. To check if your iOS device is vulnerable, you can do one of the following:
1) Check for OS X updates by opening the Mac App Store app
2) Search "Check for Updates" under iTunes on your desktop
3) Click "Check for Updates" under Settings on your iOS device.
Timeline
Published on: 09/20/2022 21:15:00 UTC
Last modified on: 09/22/2022 18:17:00 UTC