Apple released security updates for macOS Big Sur and Monterey on Monday. According to Apple’s security updates, macOS Big Sur 11.7.6 and macOS Monterey 12.6.5 fix the vulnerability labeled CVE-2023-28206 that was patched last week in macOS 13.3.1. The update does not appear to contain any other improvements. According to Apple’s security content page, the updates fix the same bug in both operating systems:
IOSurfaceAccelerator
- Influence: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
- Description: An out-of-bounds write issue was addressed through improved input validation.
- CVE-2023-28206: Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab
How to install the update
Apple recommends that all users install the updates as soon as possible. Follow these instructions to get them on your Mac:
- Open System Preferences.
- click on Software update.
- Your Mac will spend about a minute checking for updates. If an update is available for your Mac, you have the option to click Upgrade now and then download the installer for the update to macOS.
- You can continue to use your Mac while the installer downloads. Once the installer is downloaded, you can click to install the new update.