Apple Patches 87 Vulnerabilities, 3 macOS Monterey RCEs
March 16, 2022
Apple has patched 3 remote code execution vulnerabilities in the ‘WebKit’ component, affecting macOS Monterey prior to version 12.3.
Overall, Apple has patched 87 vulnerabilities over multiple products. The full updated products list can be found on the Apple security updates page.
The RCE Vulnerabilities
All RCE vulnerabilities are in the ‘WebKit’ component, one having 2 CVEs:
- CVE-2022-22610 – Processing maliciously crafted web content may lead to remote code execution on affected devices.
- CVE-2022-22624, CVE-2022-22628 – Processing maliciously crafted web content may lead to remote code execution on affected devices.
- CVE-2022-22629 – Processing maliciously crafted web content may lead to remote code execution on affected devices.
Vulnerable Products
- macOS Monterey prior to version 12.3.
Mitigation
CYREBRO recommends updating relevant products up to the latest available releases in accordance with Apple’s advisory.
References: Apple Security Updates.