Apple on Monday released iOS 15.5 and iPadOS 15.5 to the public following the release of the RC build last week. The update doesn’t bring significant changes, but it does improve the Apple Cash and Podcasts app.
iOS 15.5 new features
Apple says that iOS 15.5 makes enhancements to Apple Cash, with support for more easily requesting and sending money from the Apple Cash card in the Wallet app. There’s also a new feature in Apple Podcasts to help preserve your iPhone’s storage space and some bug fixes for HomeKit.
Here are the full release notes for iOS 15.5 according to Apple:
iOS 15.5 includes the following improvements and bug fixes:
Wallet now enables Apple Cash customers to send and request money from their Apple Cash card
Apple Podcasts includes a new setting to limit episodes stored on your iPhone and automatically delete older ones
Fixes an issue where home automations, triggered by people arriving or leaving, may fail
Here are some other changes in iOS 15.5 we’ve spotted so far, not mentioned in Apple’s release notes:
You can update your devices by going to the Settings app, then General > Software Update. Check out Apple’s website for more details about the security patches included with iOS 15.5.
It’s unclear whether this update will be the last before the first iOS 16 beta, which should arrive shortly after WWDC 2022 in June.
The only examples of a USB-C iPhone we’ve seen to date have been DIY versions, but Ming-Chi Kuo claims that Apple will make the switch from Lightning to USB-C next year, in the iPhone 15.
The report comes as something of a surprise, as although Apple has adopted USB-C for Mac and iPad, it had seemed the company planned to stick with Lightning until it switches to a completely portless phone …
Background
Apple began its adoption of USB-C for Macs back in 2015, with the 12-inch MacBook. It then went all-in with the 2016 MacBook Pro, before backtracking a little last year by restoring MagSafe, HDMI and SD card slots.
The iPad made the switch from Lightning to USB-C in 2018, with the 11-inch and 12.9-inch iPad Pro models.
That left the iPhone as the sole core Apple product with a Lightning socket. Since the iPhone retained the older connector for years after the Mac and iPad adoption of USB-C, the consensus view appeared to be that it would continue to do so until the first portless model.
USB-C iPhone 15 report
Apple analyst Ming-Chi Kuo tweeted today that Apple will make the switch to USB-C for iPhone in the second half of next year, which is to say the iPhone 15.
My latest survey indicates that 2H23 new iPhone will abandon Lightning port and switch to USB-C port. USB-C could improve iPhone’s transfer and charging speed in hardware designs, but the final spec details still depend on iOS support.
It’s expected to see existing USB-C-related suppliers of Apple’s ecosystem (e.g., IC controller, connector) become the market’s focus in the next 1-2 years, thanks to vast orders from iPhones and accessories’ adoption of USB-C ports.
The reference to USB-C suppliers benefiting for ‘1-2 years’ may indicate that Kuo then anticipates Apple will drop the port altogether.
9to5Mac’s Take
This is a somewhat odd report. Apple made the switch to USB-C iPads in back 2018, so if it planned to do with the iPhone too, we would have expected that to have happened by now.
It should be noted that although Kuo has a decent track record, he has more recently taken to tweeting simply thoughts or opinions about what Apple might do, rather than anything based on evidence. However, this tweet does specifically say that it’s based on his ‘latest survey,’ which means talking to suppliers.
Supply-chain reports can be of varying reliability. Apple likes to have multiple suppliers wherever possible, to allow it to negotiate better prices, and to reduce risk. If, for example, a major supplier of Lightning ports were to report Apple was planning to cut orders next year, that could mean nothing more than a rejigging of competing suppliers.
Similarly, USB-C suppliers talking about expecting a major boost in orders next year might again simply be Apple or other companies increasing orders with some suppliers while reducing them with others.
Kuo does seem confident in his interpretation of what he’s hearing from suppliers. It’s entirely possible that he’s right, but we wouldn’t count on it yet.
Google on Wednesday took to its annual developer conference to announce a host of privacy and security updates, including support for virtual credit cards on Android and Chrome.
“When you use autofill to enter your payment details at checkout, virtual cards will add an additional layer of security by replacing your actual card number with a distinct, virtual number,” Google’s Jen Fitzpatrick said in a statement.
The goal, the search giant, said to keep payment information safe and secure during online shopping and protect users from skimming attacks wherein threat actors inject malicious JavaScript code to plunder credit card numbers and sell them on the black market.
The feature is expected to roll out in the U.S. for Visa, American Express, Mastercard, and Capital One cards starting this summer.
Interestingly, while Apple offers an option to mask email addresses via Hide My Email, which enables users to create unique, random email addresses to use with apps and websites, it’s yet to offer a similar option for creating virtual credit cards.
The development comes a week after Google, Apple, and Microsoft banded together to accelerate support for a common passwordless sign-in standard that allows “websites and apps to offer consistent, secure, and easy passwordless sign-ins to consumers across devices and platforms.”
Additionally, Google said it’s expanding phishing protections in Google Workspace to Docs, Slides and Sheets, and that it plans to debut a new “My Ad Center” later this year to give users more control over personalized ads on YouTube, Search, and Discover feed.
What’s more, users would be able to request personally identifiable information such as email, phone number, or home address to be removed from search results through a new tool that will be accessible from the Google App.
Also coming is a new Account Safety Status setting that will “feature a simple yellow alert icon on your profile picture that will flag actions you should take to secure your account.”
Other key privacy and security features unveiled at Google I/O 2022 include support for end-to-end encryption for group conversations in the Messages app for Android and the availability of on-device encryption for Google Password Manager.
Did you know that May 5, 2022, is World Password Day?1 Created by cybersecurity professionals in 2013 and designated as the first Thursday every May, World Password Day is meant to foster good password habits that help keep our online lives secure. It might seem strange to have a day set aside to honor something almost no one wants to deal with—like having a holiday for filing your income taxes (actually, that might be a good idea). But in today’s world of online work, school, shopping, healthcare, and almost everything else, keeping our accounts secure is more important than ever. Passwords are not only hard to remember and keep track of, but they’re also one of the most common entry points for attackers. In fact, there are 921 password attacks every second—nearly doubling in frequency over the past 12 months.2
But what if you didn’t have to deal with passwords at all? Last fall, we announced that anyone can completely remove the password from their Microsoft account. If you’re like me and happy to ditch passwords completely, read on to learn how Microsoft is making it possible to start enjoying a passwordless life today. Still, we know not everyone is ready to say goodbye to passwords, and it’s not possible for all your online accounts. We’ll also go over some easy ways to improve your password hygiene, as well as share some exciting news from our collaboration with the FIDO Alliance about a new way to sign in without a password.
Free yourself with passwordless sign-in
Yes, you can now enjoy secure access to your Microsoft account without a password. By using the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email, you can go passwordless with any of your Microsoft apps and services. Just follow these five steps:
Choose Security. Under Advanced security options, you’ll see Passwordless account in the section titled Additional security.
Select Turn on.
Approve the notification from Authenticator.
Once you approve the notification, you’ll no longer need a password to access your Microsoft accounts. If you decide you prefer using a password, you can always go back and turn off the passwordless feature. Here at Microsoft, nearly 100 percent of our employees use passwordless options to log into their corporate accounts.
Strengthen security with multifactor authentication
One simple step we can all take to protect our accounts today is adding multifactor authentication, which blocks 99.9 percent of account compromise attacks. The Microsoft Authenticator app is free and provides multiple options for authentication, including time-based one-time passcodes (TOTP), push notifications, and passwordless sign-in—all of which work for any site that supports multifactor authentication. Authenticator is available for Android and iOS and gives you the option to turn two-step verification on or off. For your Microsoft Account, multifactor authentication is usually only needed the first time you sign in or after changing your password. Once your device is recognized, you’ll just need your primary sign-in.
Make sure your password isn’t the weak link
Rather than keeping attackers out, weak passwords often provide a way in. Using and reusing simple passwords across different accounts might make our online life easier, but it also leaves the door open. Attackers regularly scroll social media accounts looking for birthdates, vacation spots, pet names and other personal information they know people use to create easy-to-remember passwords. A recent study found that 68 percent of people use the same password for different accounts.3 For example, once a password and email combination has been compromised, it’s often sold on the dark web for use in additional attacks. As my friend Bret Arsenault, our Chief Information Security Officer (CISO) here at Microsoft, likes to say, “Hackers don’t break in, they log in.”
Some basics to remember—make sure your password is:
At least 12 characters long.
A combination of uppercase and lowercase letters, numbers, and symbols.
Not a word that can be found in a dictionary, or the name of a person, product, or organization.
Completely different from your previous passwords.
Changed immediately if you suspect it may have been compromised.
Tip: Consider using a password manager. Microsoft Edge and Microsoft Authenticator can create (and remember) strong passwords using Password Generator, and then automatically fill them in when accessing your accounts. Also, keep these other tips in mind:
Only share personal information in real-time—in person or by phone. (Be careful on social media.)
Be skeptical of messages with links, especially those asking for personal information.
Be on guard against messages with attached files, even from people or organizations you trust.
Enable the lock feature on all your mobile devices (fingerprint, PIN, or facial recognition).
Ensure all the apps on your device are legitimate (only from your device’s official app store).
Keep your browser updated, browse in incognito mode, and enable Pop-Up Blocker.
Tip: When answering security questions, provide an unrelated answer. For example, Q: “Where were you born?” A: “Green.” This helps throw off attackers who might use information skimmed from your social media accounts to hack your passwords. (Just be sure the unrelated answers are something you’ll remember.)
Passwordless authentication is becoming commonplace
As part of a historic collaboration, the FIDO Alliance, Microsoft, Apple, and Google have announced plans to expand support for a common passwordless sign-in standard. Commonly referred to as passkeys, these multi-device FIDO credentials offer users a platform-native way to safely and quickly sign in to any of their devices without a password. Virtually unable to be phished and available across all your devices, a passkey lets you sign in simply by authenticating with your face, fingerprint, or device PIN.
In addition to a consistent user experience and enhanced security, these new credentials offer two other compelling benefits:
Users can automatically access their passkeys on many of their devices without having to re-enroll for each account. Simply authenticate with your platform on your new device and your passkeys will be there ready to use—protecting you against device loss and simplifying device upgrade scenarios.
With passkeys on your mobile device, you’re able to sign in to an app or service on nearly any device, regardless of the platform or browser the device is running. For example, users can sign in on a Google Chrome browser that’s running on Microsoft Windows, using a passkey on an Apple device.
These new capabilities are expected to become available across Microsoft, Apple, and Google platforms starting in the next year. This type of Web Authentication (WebAuthn) credential represents a new era of authentication, and we’re thrilled to join the FIDO Alliance and others in the industry in supporting a common standard for a safe, consistent authentication experience. Learn more about this open-standards collaboration and exciting passwordless capabilities coming for Microsoft Azure Active Directory in a blog post from Alex Simons, Vice President, Identity Program Management.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
Managing lots of files at once can be difficult, especially when dealing with large ones. When struggling with the problem of moving lots of documents and files, an excellent solution is to create a zip file that compresses the files down to a more manageable size.
The good news is that macOS has a built-in tool for creating and unzipping zip files called Archive Utility. The bad news, however, is that it often receives quite a few complaints about things such as its disappointing compression ratio and limited feature set.
In this article, we’re going to tell you about one of the best archive utilities Mac users can use to get the very best results. Keep on reading to learn more!
Mac’s Built-in Archiver Utility
Archive Utility, the built-in archiver utility that comes pre-installed on macOS, can handle zip files, but when it comes to files in other formats or particularly big files, it may not be the best choice. Below are some of its drawbacks.
1. Only one supported format
There are some very common archive formats that Archive Utility simply can’t handle, including the very popular rar format.
2. Disappointing compression ratio
While it does reduce file size, Archive Utility doesn’t have as great of a space-saving impact on disk space as other archiving apps.
3. Limited key features
Archive Utility is missing key features such as archiving, encryption, and volume compression. This is because Apple has not significantly updated Archive Utility in the time since these types of features have become standard.
Unarchiver One Mac is the best free archiving tool for Mac. In seconds, it can archive and unarchive tons of file formats including RAR, Zip, 7z, gzip, bzip2, and lots more.
Unarchiver One can save you huge amounts of disk space by compressing large files into much smaller sizes. And unlike Archive Utility, it also supports encryption and volume compression.
1. How to set up Unarchiver One as the default unarchiving tool
Setting up Unarchiver One as your default unarchiving tool couldn’t be easier. To do so, follow the simple steps below.
(1) Right-click on any compressed file and select ‘Get Info’.
(2) Choose Unarchiver One as your default unarchiving tool.
(3) Click ‘Change All’.
2. How to unzip files on Mac
After setting Unarchiver One as your default unarchiving tool, you can open compressed files by simply double-clicking on them. However, there are also other ways to unzip files with Unarchiver One easily:
(1) Right-click on the compressed file. Unarchiver One will quickly extract files to the current folder by just right-clicking on the compressed file and choosing ‘Open With > Unarchiver One’.
(2) Drag and drop archive files to Unarchiver One’s console. Effortlessly drag and drop archive files to Unarchiver One’s console to easily browse and securely extract their contents with just one click.
3. How to make a zip file on Mac
There are two main ways to make a zip file with Unarchiver One.
(1) Right-click on the files you want to compress.
First, follow the steps above and set up Unarchiver One as your default unarchiving tool.
Then choose all the files you want to compress and right-click on them.
After clicking on ‘Compress’ you’ll find that the archive file is instantly stored in the current folder!
(2) Drag and drop all the files to Unarchiver One’s console.
Choose all the files you want to compress and drag and drop them into Unarchiver One’s console. Click on ‘Compress’.
Choose where you want to save the compressed file and the specific archive format. In this step, you can also encrypt the file if required.
Your browsing history is a vital piece of information that can define your personality, your drives, and your likes and dislikes. That’s why third parties love to collect this information for targeted advertising and, sometimes, malicious activities.
To prevent others from collecting your browsing history, make it a habit to delete it now and then. Here’s some simple steps on how to delete browsing history on your Safari browser.
For Mac
1. Open your Safari App and click History on the top menu options. 2. Click Clear History. A pop-up menu will appear and you can choose how far back you want to clear your browsing history.
You can also clear specific safari browsing history:
In Safari, press Command-Yor select History > Show All History.
From the long list, click once on a history item to select it.
Right-click to bring up a menu, then choose Delete.
Manually clearing search and browsing history from your safari can be tedious. However, there is also an automatic solution you can try: Antivirus One , from Trend Micro.
The privacy cleaner feature in Antivirus One can help you clean sensitive browsing information to protect your privacy. Here, you can select Safari and then click the “Clean” button to remove all browsing info in a few seconds.
For iPhone
1. Go to Settings and click Safari.
2. Tap “Clear History and Website Data”.
This will remove history, cookies, and browsing data from Safari.
If this article has been of use and/or interest to you, please do SHARE with friends and family — and remember to give Antivirus One a go.Get Antivirus One
Eventually, if you’re shutter-happy enough, you’ll need to transfer your iPhone’s photos to your Mac to save the precious space on your mobile device. Simply sending a few photos as an email attachment is fine for a small number of photos, but in this article, we share several easier and more convenient ways of exporting your iPhone’s photos to your Mac.
Transfer Photos from iPhone to Mac with a USB Cable
Connecting your device using a Lightning-to-USB cable is the most common way of transferring pictures from an iPhone to a Mac. Below are several ways you can do this using a few different apps.
How to Use Finder to Transfer Photos from iPhone to Mac
Starting with macOS Catalina, there is no iTunes. However, you can easily sync your iPhone with your Mac using Finder. Here’s how to do it:
1. Connect your iPhone to your Mac with a Lightning-to-USB cable. 2. Open Finder. Your iPhone should appear in Finder’s sidebar under Locations.
3. In the sidebar, select your iPhone. If prompted, confirm that you trust your iPhone. 4. Click Get Started.
5. At the top of the window, click Photos and then check the Sync photos to your device from: box.
6. Use the drop-down menu to choose the folder or app on your iPhone that you want to sync photos from. 7. Use the checkboxes at the bottom of the window to choose whether you want to sync all your photos and albums or only selected albums. 8. Click Apply.
How to Use the Photos App to Transfer Photos from iPhone to Mac
Below are instructions on how to transfer photos from iPhone to Mac using the Photos app:
1. Connect your iPhone to Mac using a Lightning-to-USB cable. 2. Once prompted, confirm that you are using a trusted device. You will only need to do this if you haven’t synced your photos using this method before. 3. Open the Photos app on your Mac if it doesn’t automatically open. 4. In the sidebar, select your iPhone.
5. In the upper menu of the Photos app, choose Import. 6. Click Import All New Photos, or select the photos you need and click Import Selected.
Use Image Capture to Transfer Photos from iPhone to Mac
Another method for transferring photos from your iPhone to your Mac involves using the native Image Capture app. This method lets you quickly and easily download your photos to a folder of your choice.
It is primarily intended for use with digital cameras and scanners, but it can also be used with iPhones with no issue.
1. Connect your iPhone to your Mac using a Lightning-to-USB cable and allow access to the device when prompted. 2. Open Image Capture on your Mac. 3. In the sidebar, select your iPhone under the Devices category. 4. At the bottom of the window, use the Import To drop-down menu to choose the location to save your pictures.
5. Select the pictures you want to import and click the Download button, or if you want to transfer all your photos, click Download All.
Transfer Photos from iPhone to Mac wirelessly
There are several options for transferring photos even if you don’t have a Lightning-to-USB cable. Here they are:
Use AirDrop to Transfer Photos from iPhone to Mac
AirDrop works great for transferring photos between your iPhone and Mac, and vice versa. Please ensure both devices are connected to the same Wi-Fi network and no more than around 30 feet from each other.
1. First, make sure your Mac is discoverable by everyone. Open Finder on your Mac, click Go in the menu bar, and select AirDrop. A Finder window will open with the AirDrop icon at the bottom.
2. Make sure that Everyone is selected under the Allow me to be discovered by: drop-down menu. 3. On your iPhone, open the Photos app and select the pictures you want to transfer. 4. Tap the Share button and select AirDrop.
5. Select the device you want to transfer your photos to and click Done. Depending on your Mac’s settings, you may be asked where you want to save the photos.
Use iCloud to Transfer Photos from iPhone to Mac
iCloud lets you synchronize your photos between your iPhone and Mac. Because the two devices will be regularly synchronized, this method is very efficient.
1. Make sure to sign in to your Apple ID on your iPhone and Mac and that they are both connected to Wi-Fi. 2. On your iPhone, go to Settings > Your Apple ID > iCloud > Photos. 3. Enable the slider next to iCloud Photos.
4. On your Mac, go to the Apple menu and select System Preferences. 5. For macOS Catalina or later (Big Sur and Monterey), go to iCloud or Apple, then choose iCloud. 6. Check the boxes next to iCloud Drive and Photos.
Note: remember to switch off sync after transferring if you want to delete photos on your iPhone and keep them on your Mac because as long as sync is enabled, any changes you make to photos on one device will automatically be synced to the other.
Got lots of duplicates?
Transferring photos to your Mac is a great way to reclaim some of the precious storage space on your iPhone, but if you’ve got lots of duplicate photos, you’re going to have a nightmare of a time sorting through them on your Mac. Fortunately, Cleaner One Pro is on hand to help out!
Cleaner One Pro makes the time-consuming process of finding and removing similar photos and duplicate files a thing of the past! Simply run a quick scan on your Mac to detect and remove everything hogging storage space.
Apple on Thursday rolled out emergency patches to address two zero-day flaws in its mobile and desktop operating systems that it said may have been exploited in the wild.
The shortcomings have been fixed as part of updates to iOS and iPadOS 15.4.1, macOS Monterey 12.3.1, tvOS 15.4.1, and watchOS 8.5.1. Both the vulnerabilities have been reported to Apple anonymously.
Tracked as CVE-2022-22675, the issue has been described as an out-of-bounds write vulnerability in an audio and video decoding component called AppleAVD that could allow an application to execute arbitrary code with kernel privileges.
Apple said the defect was resolved with improved bounds checking, adding it’s aware that “this issue may have been actively exploited.”
The latest version of macOS Monterey, besides fixing CVE-2022-22675, also includes remediation for CVE-2022-22674, an out-of-bounds read issue in the Intel Graphics Driver module that could enable a malicious actor to read kernel memory.
The bug was “addressed with improved input validation,” the iPhone maker noted, once again stating there’s evidence of active exploitation, while withholding additional details to prevent further abuse.
The latest updates bring the total number of actively exploited zero-days patched by Apple to four since the start of year, not to mention a publicly disclosed flaw in the IndexedDB API (CVE-2022-22594), which could be weaponized by a malicious website to track users’ online activity and identities in the web browser.
CVE-2022-22587 (IOMobileFrameBuffer) – A malicious application may be able to execute arbitrary code with kernel privileges
CVE-2022-22620 (WebKit) – Processing maliciously crafted web content may lead to arbitrary code execution
In light of active exploitation of the flaws, Apple iPhone, iPad, and Mac users are highly recommended to upgrade to the latest versions of the software as soon as possible to mitigate potential threats.
The iOS and iPad updates are available to iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
Have you noticed your iPhone behaving a little strangely recently? Maybe you’ve been bombarded by unusual ads or your battery has been hitting 0% much more quickly than normal. If you’ve got your suspicions that your iPhone has a malware infection, keep on reading to learn how to know for sure!
Step #1 — Check for high data usage
One particularly big sign of a malware infection is if your iPhone is using much more data than normal. Follow the instructions below to check:
Go to either Settings > Cellular or Settings > Mobile Data (depending on which version of iOS you have, it will be different).
You will then be able to check exactly how much data you’ve used in the current period. If it is significantly higher than you’re used to, search through the list of apps and look for any that you don’t recognize or remember installing. If any of them are using up a lot of data, you should strongly consider deleting them because they could be malicious.
Step #2 — Check for battery-hogging apps
Some forms of malware can run in the background without you even being aware of it, consuming huge amounts of your iPhone’s resources and having a significant impact on how long its battery lasts. As a result, similar to an increase in data usage, a sudden increase in battery usage is another red flag that indicates that your iPhone may have a problem. Here’s how you can check:
Navigate to Settings and select Battery.
Choose either Last 24 hours or Last 10 Days.
You can now see every app’s battery usage during the selected time period. Just like checking for high data usage, if you see any unusual apps that are using up a lot of battery, you should delete them.
Step #3 — Check for strange apps
Malware comes in many different varieties. While it is true that many consume a lot of battery and data, it is not the case for all malicious apps. Because of this, you also need to simply scan through every app installed on your iPhone and look for ones you don’t recognize.
This step may take a while, especially if you’ve installed lots of them, but scan through all your apps and search for ones that you don’t recognize. Every time you see an unfamiliar one, you should remove it.
Step #4 — Constantly being bothered by pop-ups?
If you’re always being bombarded by ads every time you surf the web on your iPhone, it’s a very strong sign that it has been infected by adware, which is a particular form of malware. Although it is generally considered one of the less dangerous types of malware, it can still be very annoying. If you’re suffering from this issue, but you were unable to find any malicious apps while following the previous steps, you should move on to the next step.
Step #5 — Run a malware scan
If you were unsuccessful in detecting any malware-infected apps while following the instructions in the previous steps and your iPhone is still behaving unusually, you need to run a malware scan — Trend Micro Mobile Security works perfectly for this!
Trend Micro Mobile Security can protect you against malicious apps, ransomware, dangerous websites, unsafe Wi-Fi networks, and more. Ridding your iPhone of malware simply couldn’t be any easier! Click the button below to download.Get Mobile Security
Some of Trend Micro Mobile Security ’s awesome features include:
Surf anywhere —Prevent mobile apps from loading dangerous and risky websites when you browse.
Stop threats —Rely on the cloud-based Smart Protection Network™ and Mobile App Reputation technology to stop threats before they can reach you.
Avoid online scams and fraud —Flag malicious phishing emails and scam websites.
Improve performance — Take advantage of optimization features to make your mobile devices work better.
Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices.
Tracked as CVE-2022-22587, the vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to execute arbitrary code with kernel privileges.
The iPhone maker said it’s “aware of a report that this issue may have been actively exploited,” adding it addressed the issue with improved input validation. It did not reveal the nature of the attacks, how widespread they are, or the identities of the threat actors exploiting them.
An anonymous researcher along with Meysam Firouzi and Siddharth Aeri have been credited with discovering and reporting the flaw.
CVE-2022-22587 is the third zero-day vulnerability discovered in IOMobileFrameBuffer in a span of six months after CVE-2021-30807 and CVE-2021-30883. In December 2021, Apple resolved four additional weaknesses in the kernel extension that’s used to manage the screen framebuffer.
Also fixed by the tech giant is a recently disclosed vulnerability in Safari that stemmed from a faulty implementation of the IndexedDB API (CVE-2022-22594), which could be abused by a malicious website to track users’ online activity in the web browser and even reveal their identity.
Other flaws of note include —
CVE-2022-22584 – A memory corruption issue in ColorSync that may lead to arbitrary code execution when processing a malicious crafted file
CVE-2022-22578 – A logic issue in Crash Reporter that could allow a malicious application to gain root privileges
CVE-2022-22585 – A path validation issue in iCloud that could be exploited by a rogue application to access a user’s files
CVE-2022-22591 – A memory corruption issue in Intel Graphics Driver that could be abused by a malicious application to execute arbitrary code with kernel privileges
CVE-2022-22593 – A buffer overflow issue in Kernel that could be abused by a malicious application to execute arbitrary code with kernel privileges
CVE-2022-22590 – A use-after-free issue in WebKit that may lead to arbitrary code execution when processing maliciously crafted web content
The updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, iPod touch (7th generation), and macOS devices running Big Sur, Catalina, and Monterey.
