Common Problem
macOS 12.2 patches 13 major security vulnerabilities affecting Safari, root access, iCloud, and more
macOS 12.2 patches 13 major security vulnerabilities affecting Safari, root access, iCloud, and more
Apple’s latest updates for Mac include fixes for various security vulnerabilities. macOS 12.2 patches 13 critical security vulnerabilities, ranging from Safari web browsing leaks to vulnerabilities that could allow malicious applications to access root permissions, kernel permissions, iCloud data, and more. 
We already know that the web browsing and Google Account ID vulnerabilities have been patched in advance of the arrival of RC versions of iOS 15.3 and macOS 12.2. However, Apple has now detailed a full list of security patches and documentation available for macOS 12.2.
Apple has also fixed many security issues with macOS 11.6.3 and macOS Catalina updates.
iOS 15.3 comes with 10 security fixes, 8 for watchOS 8.4. macOS 12.2 includes up to 13 security fixes.
In addition to the Safari web browsing vulnerability, other security issues have been patched, including the ability for apps to gain root privileges, the ability to execute arbitrary code with kernel privileges, access user files through iCloud, and more.
AMD Kernel
Applies to: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue has been addressed with improved bounds checking.
CVE-2022-22586: Anonymous Researcher
Color Sync
Applies to: macOS Monterey
Impact: Handling malicious Crafted files may lead to arbitrary code execution
Description: A memory corruption issue has been addressed with improved validation.
CVE-2022-22584: Mickey Jin from Trend Micro (@patch1t)
Crash Reporter
Applies to: macOS Monterey
Impact: A malicious application may be able to gain root privileges
Description: A logic issue has been addressed through improved validation.
CVE-2022-22578: Anonymous Researcher
iCloud
Applies to: macOS Monterey
Impacts: Application Maybe Able to access user's files
Description: An issue exists in the path validation logic for symbolic links. This issue has been addressed with improved path cleaning.
CVE-2022-22585: Huo Zhipeng (@R3dF09) of Tencent Security Xuanwu Lab (https://xlab.tencent.com)
Intel Graphics Driver
Applies to: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue has been addressed through improved memory handling.
CVE-2022-22591: Antonio Zekic (@antoniozekic) of Diverto
IOMobileFrameBuffer
Applies to: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that this issue may be actively exploited.
Description: A memory corruption issue has been addressed with improved input validation.
CVE-2022-22587: Anonymous Researcher, Meysam Firouzi (@R00tkitSMM) of MBition – Mercedes-Benz Innovation Labs, Siddharth Aeri (@b1n4r1b01)
Core
Applies to: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: Buffers have been addressed with improved memory handling Overflow problem.
CVE-2022-22593: Peter Nguyễn Vũ Hoàng of STAR Labs
Model input/output
Applies to: macOS Monterey
Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code execution
Description: An information disclosure issue has been addressed through improved state management.
CVE-2022-22579: Mickey Jin from Trend Micro (@patch1t)
Pack Suite
Applies to: macOS Monterey
Impact: An application may be able to access restricted files
Description: A permissions issue has been addressed with improved validation.
CVE-2022-22583: Anonymous researchers, Mickey Jin (@patch1t), Ron Hass (@ronhass7) of Perception Point
Network Suite
Applies to: macOS Monterey
Impact: Processing a maliciously crafted message may result in arbitrary javascript being run
Description: A validation issue has been addressed with improved input sanitization.
CVE-2022-22589: Heige of the KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)
Network Suite
Applies to: macOS Monterey
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use-after-free issue has been addressed with improved memory management.
CVE-2022-22590: Toan Pham from Ocean Security Team Orca (security.sea.com)
Cyber Suite
Applies to: macOS Monterey
Impact: Processing maliciously crafted web content may prevent enforcement of Content Security Policy
Description: A logic issue has been resolved with improved state management.
CVE-2022-22592: Prakash (@1lastBr3ath)
WebKit Storage
Applies to: macOS Monterey
Impacts : Websites may be able to track sensitive user information
Description: A cross-domain issue in the IndexDB API has been addressed through improved input validation.
CVE-2022-22594: Martin Bajanik of FingerprintJS
Additional recognition
Core
us We would like to thank Tao Huang for his assistance.
metal
We would like to thank Tao Huang for his assistance.
Pack Kit
Thanks to Mickey Jin (@patch1t) and Mickey Jin (@patch1t) from Trend Micro for their assistance.
The above is the detailed content of macOS 12.2 patches 13 major security vulnerabilities affecting Safari, root access, iCloud, and more. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
3 tips to easily customize your Mac computer name, host name and Bonjour name
Mar 06, 2024 pm 12:20 PM
Many Mac users tend to keep the default name of their device and may never consider changing it. Many people choose to stick with the name from the initial setup, such as "Johnny's MacBook Air" or simply "iMac." Learning how to change the name of your Mac is a very useful skill, especially when you have multiple devices, as it can help you quickly distinguish and manage them. Next, we will teach you step by step how to change the computer name, host name and Bonjour name (local host name) in macOS system. Why should you change your Mac name? Changing the name of your Mac can not only show your personality, but also help improve the user experience: Personalize your Mac: The default name may not be to your taste, change it to a name you like.
How to solve the problem that photos on iPhone cannot be synced to 'iCloud Photos”?
Feb 22, 2024 pm 06:46 PM
In order to avoid accidental loss of photos or videos, many iPhone users will turn on the iCloud photo function to synchronize the photos in the device to Apple servers for storage. If the photos or videos on your device cannot be synced to "iCloud Photos" during synchronization, you can refer to this tutorial to try to solve the problem. When "iCloud Photos" cannot be synced, please do not turn off the function immediately. Sync may be paused for a variety of reasons, such as certain device settings being turned on or the need for additional iCloud storage space. 1. View the gallery status in the Photos app. Open the Photos app on iPhone, go to the "Gallery" tab interface, tap "All Photos", and scroll to the bottom to view the status bar. Check whether there is relevant status information in the status bar, and then
How to disable private browsing mode in Safari on iPhone
Feb 23, 2024 am 08:34 AM
Apple allows iPhone users to browse anonymously using private tabs on Safari. When "Incognito Mode" is enabled, Safari does not save the addresses of websites you visit, your search history, or Autofill information. If you use private browsing mode frequently in Safari, you may have noticed that the mode operates differently than other browsers. This article will detail how to disable Private Browsing Mode on iPhone and what happens when Private Browsing Mode is enabled when Safari is closed. How to Disable Private Browsing Mode on Safari Required: iPhone running iOS 17 or later. If you have found out how to enable and use private browsing in Safari
Safari zoom issue on iPhone: Here's the fix
Apr 20, 2024 am 08:08 AM
If you don't have control over the zoom level in Safari, getting things done can be tricky. So if Safari looks zoomed out, that might be a problem for you. Here are a few ways you can fix this minor zoom issue in Safari. 1. Cursor magnification: Select "Display" > "Cursor magnification" in the Safari menu bar. This will make the cursor more visible on the screen, making it easier to control. 2. Move the mouse: This may sound simple, but sometimes just moving the mouse to another location on the screen may automatically return it to normal size. 3. Use Keyboard Shortcuts Fix 1 – Reset Zoom Level You can control the zoom level directly from the Safari browser. Step 1 – When you are in Safari
pkg file to install on mac?
Feb 20, 2024 pm 03:21 PM
Preface: Today, this site will share with you the relevant content about installing pkg files on Mac. If it can solve the problem you are facing now, don’t forget to follow this site and start now! The previous version of macos pkg cannot be installed to upgrade the operating system: If your laptop is using an older operating system version, it is recommended to upgrade to the latest operating system version. Because older versions may not support installation of the latest macOS system. Select "Erase" in Disk Utility, then select the Macos extension in the format, do not check the encryption option, and do not select the apfs format, and finally click the "Erase" button to solve the problem of being unable to complete the macOS installation. Drag the application's icon to the file starting with App
What should I do if there is an error when iCloud connects to the server?
Mar 06, 2024 pm 06:55 PM
iCloud is a cloud service space provided by Apple to users. iCloud can help users store some important data on their mobile phones. When using iCloud, you often encounter various problems, such as iCloud failing to connect to the server, reporting errors, and being unable to connect to the server. 1: iCloud failed to connect to the server 1. First check whether your mobile phone network is working normally. You can open the browser and try to use it. If the network can be used, find the cellular network in the settings, and then scroll to the bottom to find the iCloud disk function. Turn this option on. If this function is not turned on, there will be a failure to connect to the server. 2. Try to log in to iCloud using a computer to see if the computer can connect to the iCloud space.
How to set up WeChat Mac to automatically convert voice messages into text - How to set up voice to text conversion
Mar 19, 2024 am 08:28 AM
Recently, some friends have consulted the editor about how to set up WeChat Mac to automatically convert voice messages into text. The following is a method for setting up WeChat Mac to automatically convert voice messages into text. Friends in need can come and learn more. Step 1: First, open the Mac version of WeChat. As shown in the picture: Step 2: Next, click "Settings". As shown in the picture: Step 3: Then, click "General". As shown in the picture: Step 4: Then check the option "Automatically convert voice messages in chat to text". As shown in the picture: Step 5: Finally, close the window. As shown in the picture:
3 Ways to Convert HEIC Photos to JPG on Mac
Mar 15, 2024 pm 08:43 PM
By default, iPhone takes photos from the camera in HEIC format. HEIC stands for High Efficiency Image Container and can hold more pixel data than PNG or JPG files, taking up significantly less space on iPhone storage compared to other formats. These files work best on iPhones but are not widely accepted on the internet because they often result in blurry/grainy pictures when you share them with non-Apple devices. To ensure that HEIC images are compatible on other devices, you may need to convert them to JPG format. This article will introduce how to convert HEIC images to JPG on Mac. How to Convert HEIC Photos to JPG on Mac [3 Methods] Method