Apple Safari 15.6.1 for macOS Big Sur and Catalina is available to download now
Apple has quickly patched a severe security flaw in its Safari browser that affects a variety of its operating systems. Anyone running Safari on macOS Big Sur or Catalina is urged to update right now. Safari 15.6.1 is currently available for download. The update fixes CVE-2022-32893, a bug in the WebKit engine, which is used by Safari and other programs that can connect to the web.
Apple has acknowledged that the issue, which when abused allows threat actors to remotely execute malware on a susceptible device, is apparently already being exploited in the wild. When a threat actor causes a program that processes input to write data before the start of a memory buffer or after its end, that situation is known as an “out-of-bounds write fault.” This causes the software to crash, corrupts the data, and makes it possible for threat actors to remotely run code. The solution for Big Sur and Catalina is the same as the one for Monterey, which is to check the limits more carefully.
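To make the bug class and the "check the limits" fix concrete, here is an added example (not WebKit code and not Apple's patch) that puts an unchecked buffer write beside a bounds-checked one. The `bounded_buf` type and both function names are hypothetical, and the sample input is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size buffer; cap is the number of usable bytes in data. */
typedef struct {
    uint8_t data[16];
    size_t  cap;
} bounded_buf;

/* The bug class: off and len are trusted. A negative off writes before
 * data[0]; a large off or len writes past data[cap - 1]. Shown for contrast
 * only and never called. */
void write_unchecked(bounded_buf *b, ptrdiff_t off,
                     const uint8_t *src, size_t len) {
    memcpy(b->data + off, src, len);
}

/* Hardened form: returns 0 after a write that stays inside the buffer,
 * -1 (and writes nothing) otherwise. */
int write_checked(bounded_buf *b, ptrdiff_t off,
                  const uint8_t *src, size_t len) {
    if (off < 0)
        return -1;                 /* would start before the buffer */
    size_t uoff = (size_t)off;
    if (uoff > b->cap)
        return -1;                 /* would start after the buffer */
    if (len > b->cap - uoff)
        return -1;                 /* would run past the end; the subtraction
                                      cannot wrap, unlike uoff + len */
    memcpy(b->data + uoff, src, len);
    return 0;
}

int main(void) {
    bounded_buf b = { {0}, sizeof b.data };
    uint8_t src[32];               /* constructed sample input */
    memset(src, 0x41, sizeof src);
    printf("in bounds:    %d\n", write_checked(&b, 0, src, 16));
    printf("before start: %d\n", write_checked(&b, -1, src, 1));
    printf("past end:     %d\n", write_checked(&b, 8, src, 9));
    printf("huge length:  %d\n", write_checked(&b, 4, src, SIZE_MAX));
    return 0;
}
```

Comparing `len` against the remaining space, rather than testing `uoff + len` against the capacity, keeps the check correct even when a hostile length would make the addition wrap around.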
Because the bug is being used in the wild, Apple is keeping quiet about the problem until the majority of endpoints are fixed. The company said that an anonymous user had alerted it to the issues and that it had now improved its bounds checking for both bugs. This year, Apple has been busy patching zero-day vulnerabilities. Two of these problems, CVE-2022-22578 and CVE-2022-22594, which let arbitrary code run with kernel privileges, were fixed in January 2022.
In March, Apple patched CVE-2022-22674 and CVE-2022-22675, two zero-days used to execute malware with kernel privileges and affecting iPhones, iPads, and Macs. A month after that, it fixed another zero-day that allowed threat actors to crash the OS and conduct remote code execution.