- CVE-2022-32893, which documents out-of-bounds write issue in WebKit, Apple’s browser engine that powers its Safari web browser and all iOS web browsers
- CVE-2022-32894, which documents out-of-bounds write issues in the operating systems’ kernel that can be exploited by a malicious application to execute arbitrary code with kernel privileges.
The current list of iPads, iPhones, and Macs products and versions that are affected are:
- Macs running on macOS Monterey, prior to version 12.5.1
- iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation), on OS versions prior to version 15.6.1.
For JumpCloud users, the Patch Management features are the best way to be sure that your macOS fleet has been updated. End users with affected mobile devices should observe the Apple-provided update mechanisms.
Our community team has posted a step-by-step guide to using the Patch Management feature to push out the Apple updates to your Mac devices. Please visit the community here to learn more.