https://www.theregister.com/2022/03/31/apple_emergency_patches/
Apple emits macOS, iOS, iPadOS patches for 'exploited' security bugs
Apple issued macOS Monterey 12.3.1; iOS 15.4.1 and iPadOS 15.4.1; tvOS
15.4.1; and watchOS 8.5.1 to address zero-day vulnerabilities.
The Monterey release closes CVE-2022-22675, an out-of-bounds write flaw reported by an anonymous researcher in the driver-level AppleAVD audio-video decoder. This can be abused by an application to run code at the kernel
level, meaning a rogue app or user can gain powerful privileges and
completely take over the machine.
Apple said it is aware this issue is actively exploited."
The bug was fixed by applying improved memory bounds checking.
The Monterey update also patches CVE-2022-22674, an out-of-bounds read flaw again reported by an unnamed researcher in the OS's Intel graphics driver.
Again, Apple said it is aware this flaw has been actively exploited.
Users should apply these updates as soon as they can if they've not already been automatically installed. The macOS vulnerabilities are present in at
least Macs running Monterey.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)