Security Patch Release for iOS, iPadOS, macOS Impacted by Critical Security Bug
Certain Apple products are impacted by a critical vulnerability that could allow arbitrary code execution if a user views a maliciously crafted web page. Successful exploitation results in arbitrary code execution within the context of the application: an attacker gains the same privileges as the logged-on user, or can bypass security restrictions on the affected Apple device.
Depending on the permission associated with the application running the exploit, an attacker could then install programs as well as view, change, or delete data.
The security flaw is tracked as CVE-2022-22620. The vulnerability lies in WebKit, the browser engine that powers Safari, and can be triggered by specially crafted web content to gain arbitrary code execution.
Apple says the company is aware of a report that CVE-2022-22620 may have been actively exploited. The following versions are affected:
• iOS and iPadOS prior to 15.3.1
• macOS Monterey prior to 12.2.1
• Safari prior to 15.3 (v. 166184.108.40.206.8 and 156220.127.116.11.8)
The risk to government entities of all sizes is considered high. The same goes for SMBs as well as enterprise organizations.
A vulnerability has been discovered in Apple Products, which could allow for arbitrary code execution if a user views a specially crafted web page.
How to mitigate the risks of CVE-2022-22620
• Apply appropriate patches provided by Apple to vulnerable systems.
• Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
• Do not download, accept, or execute files from untrusted or unknown sources.
• Do not visit untrusted websites or follow links provided by untrusted or unknown sources, such as emails and SMS text messages from unknown senders.
• Evaluate and limit execute permissions on all newly installed software.
• Apply the Principle of Least Privilege to all systems and services.
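To support the first mitigation (confirming the Apple patch is actually installed), here is an added example, not part of the original advisory, that compares an installed dotted version number against the fixed releases listed above. The fixed versions come from the advisory; the "installed" values at the bottom are constructed sample input for the demonstration.

```shell
#!/bin/sh
# Added example: check whether a macOS, iOS/iPadOS or Safari version is still
# below the release that fixes CVE-2022-22620. Only numeric dotted versions
# (e.g. 12.2.1) are handled.

# version_lt A B -> exit 0 if dotted version A is strictly lower than B.
# Components are compared numerically, left to right; missing ones count as 0.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"
        if [ "$ah" = "$a" ]; then a=""; else a="${a#*.}"; fi
        if [ "$bh" = "$b" ]; then b=""; else b="${b#*.}"; fi
        ah="${ah:-0}"; bh="${bh:-0}"
        if [ "$ah" -lt "$bh" ]; then return 0; fi
        if [ "$ah" -gt "$bh" ]; then return 1; fi
    done
    return 1   # versions are equal, so not lower
}

# check_product NAME INSTALLED FIXED -> reports status; exit 0 only if patched.
check_product() {
    if version_lt "$2" "$3"; then
        printf '%s %s: VULNERABLE to CVE-2022-22620 (fixed in %s)\n' "$1" "$2" "$3"
        return 1
    fi
    printf '%s %s: patched\n' "$1" "$2"
    return 0
}

# Fixed releases taken from the advisory above.
MACOS_FIXED="12.2.1"
IOS_FIXED="15.3.1"
SAFARI_FIXED="15.3"

# On a live Mac the installed value can come from the system, e.g.
#   check_product macOS "$(sw_vers -productVersion)" "$MACOS_FIXED"
# Constructed sample values for the demonstration:
check_product macOS  12.2   "$MACOS_FIXED"    # vulnerable
check_product iOS    15.3.1 "$IOS_FIXED"      # patched
check_product Safari 15.2.1 "$SAFARI_FIXED"   # vulnerable
```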