Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of a Critical Vulnerability in Apple Products
Alerts

Active Exploitation of a Critical Vulnerability in Apple Products

13 September 2022

Apple has released security updates to fix a zero-day critical vulnerability (CVE-2022-32917) found in their products.

Successful exploitation of this vulnerability could allow an attacker to enable maliciously written programs to execute arbitrary code with kernel privileges.

Users are advised to patch their products to the latest versions immediately:

  • Safari 16 web browser: for macOS Big Sur and macOS Monterey

  • macOS Monterey 12.6: for macOS Monterey

  • macOS Big Sur 11.7: for macOS Big Sur

  • iOS 16: for iPhone 8 and later

  • iOS 15.7 and iPad OS 15.7: for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://support.apple.com/en-us/HT201222

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32917

https://www.bleepingcomputer.com/news/security/apple-fixes-eighth-zero-day-used-to-hack-iphones-and-macs-this-year/

https://www.theregister.com/2022/09/12/apple_patched_exploited_flaws/

Back to top