Search This Site


Main menu

Critical Vulnerability in macOS and iOS

Monday, April 4, 2022 - 15:30

Two critical zero-day vulnerabilities has been identified that require the immediate attention of anyone using a Macintosh computer, iPhone, or iPad. 


Apple released separate security updates for two vulnerabilities that affect the macOS and iOS and iPadOS operating systems.  The zero-day vulnerability that affects both macOS and iOS is tracked as CVE-2022-22675 and one that affects Macs (a macOS zero-day flaw) is tracked as CVE-2022-22674. Successful exploitation of the CVE-2022-22675 vulnerability could allow an application to execute arbitrary code with kernel privileges.  Successful exploitation of the CVE-2022-22674 vulnerability could allow an application to read kernel memory.  Both of these may have already been exploited.  

Permanent mitigation:

If you are running macOS Monterey, update to version 12.3.1 or higher. 
If you have an iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation), update to version iOS 15.4.1 and iPadOS 15.4.1 or higher. 

Temporary mitigation:


More information:

Apple Security Updates Information - 
About the security content of iOS 15.4.1 and iPadOS 15.4.1 -
About the security content of macOS Monterey 12.3.1 -

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form