Apple has patched a vulnerability in macOS 12.5, iOS 15.6, and iPadOS 15.6 that may have already been actively exploited. There are no details about the vulnerability yet. Apple urges users to update their devices as soon as possible.
The updates are macOS 12.5.1, iOS 15.6.1 and iPadOS 15.6.1, Apple reports. As a result of the vulnerability, an app could run code with kernel privileges, but otherwise Apple doesn’t say anything about the nature of the vulnerability. Apple does list a CVE designation of the vulnerability, but the anonymous security researcher who reported the vulnerability has not yet published anything about it. It concerns CVE-2022-32894.
In addition to this vulnerability, the update also fixes a bug in WebKit that could lead to arbitrary code execution on the system. More often than not, Apple releases updates that close zero-day vulnerabilities in its operating systems. Users receive the updates over-the-air on their devices. Version 15.6 of iOS came out last month.