• First two iOS/macOS zero-day vulnerabilities of 2022 - exploited

    From NewsKrawler@21:1/5 to All on Thu Jan 27 02:34:41 2022
    https://securityaffairs.co/wordpress/127240/hacking/apple-fixed-two-zero-day-2022.html
    First two iOS/macOS zero-day vulnerabilities of 2022 - exploited.

    CVE-2022-22587, is a memory corruption issue that resides in the IOMobileFrameBuffer and affects iOS, iPadOS, and macOS Monterey.
    The company addressed the flaw by improving input validation. The
    vulnerability impacts iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod
    touch (7th generation).
    CVE-2022-22587 was reported to Apple by Meysam Firouzi and Siddharth Aeri.

    CVE-2022-22594, is a Safari WebKit issue that impacts iOS and iPadOS.
    This vulnerability impacts iPhone 6s and later, iPad Pro (all models), iPad
    Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and
    iPod touch (7th generation).

    CVE-2022-22594 was reported to Apple by Martin Bajanik on November 28th.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)