Apple’s Zero-Day Woes Continue

Apple’s expanding footprint in enterprise organizations appears to have made its technologies a growing focus area for security researchers.

The company this week rushed out emergency patches for two zero-day vulnerabilities in its macOS and iOS technologies that the company said are being actively exploited. The flaws are present in macOS Catalina, Big Sur, and Monterey; in devices running iOS and iPadOS; and Apple tvOS and watchOS.

One of the two zero-days for which Apple issued an update this week exists in the AppleAVD media file decoder that is present in multiple supported macOS versions as well as iOS and iPadOS. Apple’s sparse vulnerability disclosure described the flaw (CVE-2022-22675) as resulting from an out-of-bounds write issue and providing attackers with an opportunity to execute arbitrary code at the kernel level. Apple said it is aware of a report about the flaw being actively exploited.

Apple’s latest macOS Monterey 12.3.1, iOS 15.4.1, and iPadOS 15.4.1 include “improved bounds checking” to address the issue, the company noted.

The second zero-day for which Apple issued a fix (CVE-2022-22674) exists in macOS and has to do with an out-of-bounds read issue that enables an application to read kernel memory. The flaw, which also is being actively exploited, might lead to the contents of kernel memory being disclosed, Apple said in another advisory with very little information.

The flaws are the latest in a growing number of zero-day vulnerabilities that researchers have discovered in Apple’s products in recent months. The latest disclosures bring to at least four the total number of zero-days that Apple has disclosed this year alone. In January, the company disclosed two similar zero-days, at least one of which was likely being exploited at the time of patch release.

In 2021, as many as 12 of 57 zero-day threats — or more than 20% — that researchers from Google’s Project Zero tracked were Apple-related. Impacted technologies included Apple’s macOS, iOS, iPadOS, and WebKit. In several cases, the flaws were being actively exploited by the time Apple had released a fix for them.

Exacerbating the issue is the emergence of malware targeted at Mac and iOS environments. A…