Apple has released new macOS Ventura 13, along with security updates for Apple iOS 16.1, iOS 15.7, macOS Monterey 12.6.1, macOS Big Sur 11.7.1, Safari 16.1, tvOS 16.1, and watchOS 9.1. One zero-day iOS vulnerability was also fixed.
A remote attacker could exploit some of these vulnerabilities to take control of unpatched systems.
macOS Ventura 13
Apple released a new version of macOS Ventura 13 on October 24, 2022 that comes with new features such as:
- Continuity Camera that enables users to “seamlessly work across their Apple devices.”
- Productivity tools, such as Stage Manager, that “help users stay focused and easily move between tasks.”
- Safari that now includes a password-less future with passkeys.
- Big updates in Mail and Messages.
Moreover, Ventura 13 also comes with security updates and fixes for over 100 vulnerabilities.
macOS Ventura is available as a free software update on Macs with Apple silicon and Intel-based Macs.
iOS 16.1 and iPadOS 16
The latest iOS 16.1 and iPadOS 16 security update, released on October 24, addressed 20 vulnerabilities, to include one zero-day actively exploited.
According to Apple, the zero-day ‘out-of-bounds write issue’ vulnerability CVE-2022-42827 could allow an application to execute arbitrary code with kernel privileges.
“Apple is aware of a report that this issue may have been actively exploited,” Apple warned.
The issue was addressed with improved bounds checking.
The updates are available for iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later models.
macOS Monterey 12.6.1
In addition, Apple also released a security update for macOS Monterey 12.6.1 that patched just 3 vulnerabilities. One of those flaws (CVE-2022-28739) affects Ruby and could cause unexpected app termination or arbitrary code execution.
The updates also fixed vulnerabilities in AppleMobileFileIntegrity and Sandbox components.
macOS Big Sur 11.7.1
Apple also released a security update for macOS Big Sur 11.7.1 that patched 3 vulnerabilities that affect AppleMobileFileIntegrity, Ruby and Sandbox.
Other security updates
Finally, Apple released additional security updates for the following products:
Readers can check out the Apple’s Security Updates site for more details.
- Microsoft October 2022 Security Updates addresses 84 vulnerabilities (13 rated Critical, 2 zero-days)
- Apple patches vulnerabilities in iOS 16, iOS 15.7, macOS Monterey 12.6, Big Sur 11.7 and other products
- Apple patches vulnerabilities in multiple products (CVE-2022-22675 exploited in the wild)
- Google releases Chrome 107 security update with fixes for 3 High severity vulnerabilities