Apple iOS and macOS vulnerability from 2022 actively exploited
Take action: This is an older patch, but there are still a lot of iOS/MacOS devices which haven't been updated. Don't become another target. It's simple to update.
The Cybersecurity and Infrastructure Security Agency (CISA) is reporting of active attacks and exploit of a flaw in Apple's iOS and macOS systems, tracked as CVE-2022-48618 (CVSS score 7.8). This vulnerability allows attackers to circumvent Pointer Authentication, thereby obtaining unauthorized read and write privileges on the affected systems.
The agency has called for immediate actions from users to secure their devices against potential exploitation.
Impacted systems include :
Apple has already released patches to mitigate the issue through software updates, such as iOS 16.2 and macOS Ventura 13.1, incorporating additional security measures to protect against exploitation.
CISA has mandated all U.S. federal agencies to apply the necessary fixes by February 21, under the binding operational directive BOD 22-01 issued in November 2021, underscoring the critical need for vigilance and timely updates to safeguard against such vulnerabilities.
|Hackers try to inject password stealing code in …
|A new stealth backdoor into vulnerable Confluence persists …
|Hackers exploit Windows Defender SmartScreen flaw to spread …
|Critical Confluence Flaw used in live Exploit Attempts …
|Active credential harvesting attack on unpatched Citrix NetScaler