The vulnerability reportedly allowed malicious websites to execute code on devices like an iPhone or iPad Pro, potentially causing all kinds of security flaws. Apple says the vulnerability has been exploited, but doesn’t share details about the number of affected users or the damage caused.
“Impact: Processing of maliciously crafted web content may lead to the execution of arbitrary code. Apple is aware of a report that this issue may have been actively exploited,” Apple said on its support website regarding the CVE-2022-22620 vulnerability, which was apparently discovered by an anonymous researcher.
Which devices receive the update?
The iOS 15.3.1 update is available for iPhone 6S and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). generation).
Apple is also releasing a similar update for macOS that fixes the same CVE-2022-22620 vulnerability. The macOS Monterey 12.2.1 update is available for all devices that support the macOS Monterey update.
The watchOS 8.4.2 update has also been released for supported Apple Watch models. The company also released an update to Safari. Safari 15.3 update for macOS Big Sur (build number 166188.8.131.52.8) and macOS Catalina (build number 156184.108.40.206.8) that fixes the issue.
It goes without saying that users should update to the latest version as soon as possible. To get the new update on your iPhone or iPad, open the Settings app and go to General/Software Update. On the Mac, open System Preferences/Software Update.