New updates to iOS (15.3) and macOS Monterey (12.2) have been released in an effort to combat a bug in Safari that includes a zero-day flaw. The vulnerability is tracked as CVE-2022-22587, a memory corruption issue lying within the IOMobileFrameBuffer component. With the proper malicious application, the vulnerability could essentially allow kernel privileges after arbitrary code is executed, and it is believed to have been exploited in the wild prior to the updates. Apple has acknowledged the bug but will not reveal the nature of the attacks or how often they are occurring.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased