macOS Ventura will likely arrive next month; however, Apple today released macOS Monterey 12.6 with security updates.  According to Apple’s release notes, these include:ATS

Available for: macOS Monterey

Impact: An app may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2022-32902: Mickey Jin (@patch1t)

iMovie

Available for: macOS Monterey

Impact: A user may be able to view sensitive user information

Description: This issue was addressed by enabling hardened runtime.

CVE-2022-32896: Wojciech Reguła (@_r3ggi)

Kernel

Available for: macOS Monterey

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32911: Zweig of Kunlun Lab

Kernel

Available for: macOS Monterey

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: The issue was addressed with improved bounds checks.

CVE-2022-32917: an anonymous researcher

Maps

Available for: macOS Monterey

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas, breakpointhq.com

MediaLibrary

Available for: macOS Monterey

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

PackageKit

Available for: macOS Monterey

Impact: An app may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

You can download macOS Monterey 12.6 by going to System Preferences > Software Update.




Article provided with permission from AppleWorld.Today