Addressing Critical MacOS Vulnerabilities with JumpCloud

Written by JumpCloud on August 22, 2022

Share This Article

Apple has released two software updates for iPhones, iPads and Macs that address recent security vulnerabilities. 

  • CVE-2022-32893, which documents out-of-bounds write issue in WebKit, Apple’s browser engine that powers its Safari web browser and all iOS web browsers 
  • CVE-2022-32894, which documents out-of-bounds write issues in the operating systems’ kernel that can be exploited by a malicious application to execute arbitrary code with kernel privileges. 

 The current list of iPads, iPhones, and Macs products and versions that are affected are:

  • Macs running on macOS Monterey, prior to version 12.5.1
  • iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation), on OS versions prior to version 15.6.1.

For JumpCloud users, the Patch Management features are the best way to be sure that your macOS fleet has been updated. End users with affected mobile devices should observe the Apple-provided update mechanisms.

Our community team has posted a step-by-step guide to using the Patch Management feature to push out the Apple updates to your Mac devices. Please visit the community here to learn more.

JumpCloud

JumpCloud’s mission is to Make Work Happen®, by providing people secure access to the resources they need to do their jobs. The JumpCloud Directory Platform gives IT, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply Zero Trust principles.

Continue Learning with our Newsletter