Apple rushed out patches for two zero-days; remediating one vulnerability that affects both macOS and iOS. These zero-day vulnerabilities are tracked as CVE-2022-22675 (iOS) and CVE-2022-22674 (macOS). Their discovery was attributed to an anonymous researcher.
Both vulnerabilities are likely under active exploitation. Apple didn’t disclose more specifics on the issues and what exploits may be occurring, as is customary. It will not do so until it completes its investigation of the vulnerabilities, according to the advisory. Customers are urged to update devices as soon as possible to patch the bugs.
Read the full Apple security advisory here: https://support.apple.com/en-us/HT213219
