Apple’s emergency update patches a zero-day exploit used to attack Macs and watches


The flaw is an out-of-bounds write issue (CVE-2022-22675) in AppleAVD, a kernel extension for audio and video decoding, that allows apps to execute arbitrary code with kernel privileges. The bug was reported by anonymous researchers and fixed by Apple in macOS Big Sur 11.6., watchOS 8.6, and tvOS 15.5 with improved bounds checking.

Apple has released security fixes to address a zero-day vulnerability that threat actors can exploit in attacks against Macs and Apple Watches. Zero-day vulnerabilities are security issues that the software manufacturer is unaware of and has yet to patch. In some cases, this kind of vulnerability has publicly available proof-of-concept exploits or is actively exploited in the wild before a fix is released. Apple acknowledged in security advisories published on Monday that it is aware of reports that this security issue “may have been actively exploited.”

Highlights

  • Although this zero-day was most probably only used in targeted attacks, it’s still strongly advised to install today’s macOS and watchOS security updates as soon as possible to block attack attempts. In January, Apple patched two other zero-days exploited in the wild to let attackers gain arbitrary code execution with kernel privileges (CVE-2022-22587) and track web browsing activity and user identities in real-time (CVE-2022-22594).

  • The list of impacted devices includes Apple Watch Series 3 or later, Macs running macOS Big Sur, Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD. While Apple disclosed reports of active exploitation in the wild, it did not release any additional information regarding these attacks. By withholding information, the company is likely aiming to allow the security updates to reach as many Apple Watches and Macs as possible before attackers pick up on the zero-day’s details and start deploying exploits in other attacks.

One month later, Apple released security updates to patch a new zero-day bug (CVE-2022-22620) exploited to hack iPhones, iPads, and Macs, which leads to OS crashes and remote code execution on compromised Apple devices. In March, two more actively exploited zero-days followed, in the Intel Graphics Driver (CVE-2022-22674) and the AppleAVD media decoder (CVE-2022-22675), the latter also backported today in older versions of macOS, in watchOS 8.6, and in tvOS 15.5.

These five zero-days impact iPhones (iPhone 6s and up), Macs running macOS Monterey, and multiple iPad models. Throughout last year, the company also patched a long list of zero-days exploited in the wild to target iOS, iPadOS, and macOS devices.

Sergiu Gatlan is a reporter who covered cybersecurity, technology, Apple, Google, and a few other topics at Softpedia for more than a decade.
