It’s time for a snap software update to address a bug that is apparently being exploited in the wild. Andrew Cunningham, reporting for Ars Technica:
Apple has released a trio of operating system updates to patch security vulnerabilities that it says “may have been actively exploited.” The macOS 12.5.1, iOS 15.6.1, and iPadOS 15.6.1 updates are available for download now and should be installed as soon as possible.
The three updates all fix the same pair of bugs. One, labeled CVE-2022-32894, is a kernel vulnerability that can allow apps “to execute arbitrary code with kernel privileges. The other, CVE-2022-32893, is a WebKit bug that allows for arbitrary code execution via “maliciously crafted web content.” Both discoveries are attributed to an anonymous security researcher. WebKit is used in the Safari browser as well as in apps like Mail that use Apple’s WebViews to render and display content.
While you’re at it, might as well update Zoom too.
—Linked by Jason Snell