Apple has patched an actively exploited vulnerability in its older macOS Big Sur operating system, the details of which were first made public in April.
At the time, macOS Monterey along with iPadOS and iOS received patches for two actively exploited vulnerabilities, but not macOS Big Sur.
In April, the Cybersecurity and Infrastructure Security Agency (CISA) warned Apple customers that they need to patch against the two actively exploited vulnerabilities.
"An attacker could exploit one of these vulnerabilities to take control of an affected device.
"These vulnerabilities have been detected in exploits in the wild," CISA said in its April advisory.
Apple has acknowledged that one flaw in the AppleAVD media file decoder may have been actively exploited, and issued the additional patch for Big Sur in its May 2022 round of security updates.
Neither Apple nor CISA provided details as to when and where the flaw was exploited.
The bug, indexed with the Common Vulnerabilities and Exposures (CVE) number CVE-2022-22675 could allow an attacker to run arbitrary code with kernel privileges.
It is a memory corruption vulnerability that allows out-of-bounds writes, and was reported to Apple by an anonymous researcher.
A second April zero-day bug, CVE-2022-22674, can be exploited to read operating system kernel memory, to leak secret information.
CVE-2022-2674 is an out-of-bounds memory read vulnerability in the macOS graphics drivers, and was also reported to Apple by an anonymous researcher.
Over 50 CVEs are patched in Apple macOS Big Sur 11.6.6, including several arbitrary code execution and privilege escalation vulnerabilities.
The older macOS Catalina operating system is not vulnerable to the AppleAVD bug, according to Apple's advisory, but has received 38 updates for different CVEs.
Apple's current macOS Monterey is updated to version 12.4, with security patches for 73 vulnerabilities.
While Apple does not assign severity ratings to the vulnerabilities it patches, the SANS Internet Storm Centre has rated 10 bugs out of 86 in total as critical as they can be used to run arbitrary code.
They include the remote code execution in the ImageIO, libXML2, Webkit, AppleGraphicsControl, Intel Graphics driver, libresolv, zlib, and SMB operating system components.
