Apple has announced that a significant zero-day vulnerability that was being exploited in the open targeting Mac computers and Apple Watches has been addressed by the corporation.
Apple was made aware of an out-of-bounds writing problem in the AppleAVD (sound – visual processing kernel module) by an unnamed expert in the field of cybersecurity. This flaw was exploited by malicious attackers to inject malicious code with privileged access. Apple was alerted to this flaw.
The vulnerability was addressed in not one but three distinct operating systems: macOS Big Sur ver. 11.6; watchOS ver. 8.6 as well as tvOS ver. 15.5. In addition to terminals using macOS Big Sur, impacted devices comprise Apple TV 4K products, Apple TV 4K 2nd-gen machines, and Apple TV HD equipment, along with Apple Watch Series 3 or later.
Apple is maintaining a level of secrecy about the vulnerability, and the company has not disclosed any other specifics. Apple wishes to offer administrators a kickstart for fixing before the bulk of malicious attackers catch up on it, and it is very likely that this is because it can be abused with comparative simplicity. As a result, this is why Apple has chosen to disclose the vulnerability.
Apple has been putting forth a lot of effort to fix this specific vulnerability, which affects a variety of devices and platforms. It was stated around a month earlier that the business had published patches for much the same problem for almost all generations of the iPhone & iPad.
Users were strongly encouraged to upgrade their os’s to the most recent release as soon as feasible at the moment, which would have been iOS ver. 15.4.1; iPadOS ver. 15.4.1 & macOS Monterey ver. 12.3.1 respectively.