About a week after Apple released macOS Monterey 12.3.1 with key security fixes, Big Sur 11.6.6 has arrived to seemingly plug the same holes. Security update 2022-004 for Catalina is also expected to arrive today or tomorrow.
The update is 2.53 GB and the release notes only say, “This update is recommended for all users and improves the security of macOS.” Apple hasn’t updated its security page with information about the new release, but assuming it’s the same as Apple’s Monterey release notes, the emergency update fixes two vulnerabilities that may have been actively exploited:
AppleAVD
- Influence: An application can run arbitrary code with kernel privileges
- Description: An out-of-bounds write issue was addressed through improved boundary checking. Apple is aware of a report that this issue may have been actively exploited.
- CVE-2022-22675: an anonymous researcher
Intel graphics driver
- Influence: An application can read kernel memory
- Description: An out-of-bounds read issue could lead to kernel memory disclosure and was addressed through improved input validation. Apple is aware of a report that this issue may have been actively exploited.
- CVE-2022-22674: an anonymous researcher
To install the update on your Mac, go to System Preferences and click the software update Diamond. Click “Install Now”.
