Elain Brown Tech 05.17.2022 06:May AM EDT

Apple's Security Update Fixes Zero-Day Vulnerability in Macs, Apple Watches

Apple's zero-day vulnerability has been detected to exploit Mac and Apple Watch devices.

The CVE-2022-22675 vulnerability in Apple's system has been reported by an unknown security researcher. Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices.

Apple acknowledged on Monday that they were aware of reports that this security flaw "may have been actively exploited" in a series of security advisories that were released that day.

Apple's CVE-2022-22675 Problem

Apple's CVE-2022-22675 vulnerability has been reported and detected ever since April. It has previously affected multiple Apple products, such as the iPhone, Ipad, and Mac devices.

The details and patches of this vulnerability were made public for the first time in April. Apple, on the other hand, has just released a fix for the security flaw that was actively exploited in its Macs and Apple Watches.

As reported by Bleeping Computer, Apple's vulnerability is an out-of-bounds write issue (CVE-2022-22675) in the AppleAVD, which is a kernel extension for audio and video decoding. This issue enables applications to execute arbitrary code with kernel privileges.

Apple fixed the bug by adding better bounds checking to macOS Big Sur 11.6, watchOS 8.6, and tvOS 15.5. The bug was found by unnamed researchers, who then told Apple about it.

The Apple Watch Series 3 and later, Macs running macOS Big Sur, Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD are all on the list of affected devices.

Even though Apple said it knew about reports of active exploits in the wild, the company didn't say anything else about these attacks.

Apple does not disclose, discuss, or confirm security issues before an investigation has been completed and patches or releases are available. This is done for the protection of Apple's customers.

The company is likely trying to allow the security updates to reach as many Apple Watches and Macs as possible before attackers pick up on the details of the zero-day vulnerability and start deploying exploits in other attacks. This is why the company is withholding information about the vulnerability.

Apple's Zero-day Vulnerability

A zero-day exploit is a security vulnerability that can possibly be exploited on the same day it is discovered in an operating system, software, or hardware. In short, it is known as a security flaw.

These cybersecurity vulnerabilities are immediately addressed by companies' since this can result in a massive exploitation of data from malicious threat actors. The term "zero" refers to the number of days that developers have to address the vulnerabilities, either by releasing a patch or suggesting a workaround.

These vulnerabilities are usually brought to the attention of the general public to prevent malicious programs from successfully exploiting one of them in order to compromise a product, computer, or network that is connected to a computer.

Apple has been detecting multiple zero-day vulnerabilities in their operating system recently. As reported by Bleeping Computer, Apple released patches for two additional zero-day vulnerabilities in January. These vulnerabilities, which have been exploited in the wild, allowed attackers to gain arbitrary code execution with kernel privileges (CVE-2022-22587) and track web browsing activity and user identities in real time (CVE-2022-22594).

In addition to that, Apple also detected in February a new zero-day vulnerability (CVE-2022-22620) that hackers exploited to hack iPhones, iPads, and Macs. This bug causes the operating system on compromised Apple devices to crash and allows remote code execution