Home / Software / News
News

Big Sur 11.7.2 and Monterey 12.6.2 bring a slew of security updates to older Macs

Go visit System Preferences and get up to date.
Michael Simon
By Michael Simon
Executive Editor, Macworld DEC 14, 2022 2:45 am PST
macOS Big Sur and Monterey
Image: Foundry

macOS 13.1 may be getting all the attention, but Apple hasn’t forgotten about its older operating systems. Alongside the first major Ventura update, Apple also released updates to Big Sur (11.7.2) and Monterey (12.6.2) that contain a slew of important security updates. Apple appears to be done releasing updates for the two-year-old Catalina.

To update to the latest version of Monterey or Big Sur, head over to System Preferences, click Software Update, and then Install Now. Several of the updates are serious flaws that could lead to arbitrary code execution. Many of the security updates are the same across both operating systems, but there are three that are just for Monterey.

Monterey 12.6.2 security updates

Bluetooth

  • Impact: An app may be able to disclose kernel memory
  • Description: The issue was addressed with improved memory handling.
  • CVE-2022-42854: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg)

File System

  • Impact: An app may be able to break out of its sandbox
  • Description: This issue was addressed with improved checks.
  • CVE-2022-42861: pattern-f (@pattern_F_) of Ant Security Light-Year Lab

Preferences

  • Impact: An app may be able to use arbitrary entitlements
  • Description: A logic issue was addressed with improved state management.
  • CVE-2022-42855: Ivan Fratric of Google Project Zero

Monterey 12.6.2 and Big Sur 11.7.2 security updates

BOM

  • Impact: An app may bypass Gatekeeper checks
  • Description: A logic issue was addressed with improved checks.
  • CVE-2022-42821: Jonathan Bar Or of Microsoft

DriverKit

  • Impact: An app may be able to execute arbitrary code with kernel privileges
  • Description: The issue was addressed with improved memory handling.
  • CVE-2022-32942: Linus Henze of Pinauten GmbH (pinauten.de)

IOHIDFamily

  • Impact: An app may be able to execute arbitrary code with kernel privileges
  • Description: A race condition was addressed with improved state handling.
  • CVE-2022-42864: Tommy Muir (@Muirey03)

Kernel

  • Impact: An app may be able to execute arbitrary code with kernel privileges
  • Description: A race condition was addressed with additional validation.
  • CVE-2022-46689: Ian Beer of Google Project Zero

Kernel

  • Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges
  • Description: The issue was addressed with improved memory handling.
  • CVE-2022-42845: Adam Doupé of ASU SEFCOM

Kernel

  • Impact: A remote user may be able to cause kernel code execution
  • Description: The issue was addressed with improved memory handling.
  • CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year Lab

libxml2

  • Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
  • Description: An integer overflow was addressed through improved input validation.
  • CVE-2022-40303: Maddie Stone of Google Project Zero

libxml2

  • Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
  • Description: This issue was addressed with improved checks.
  • CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero

ppp

  • Impact: An app may be able to execute arbitrary code with kernel privileges
  • Description: The issue was addressed with improved memory handling.
  • CVE-2022-42840: an anonymous researcher

xar

  • Impact: Processing a maliciously crafted package may lead to arbitrary code execution
  • Description: A type confusion issue was addressed with improved checks.
  • CVE-2022-42841: Thijs Alkemade (@xnyhps) of Computest Sector 7

Safari 16.2 security updates

There is also a separate update to Safari (16.2) that fixes eight severe WebKit flaws, the most critical being a zero-day flaw that has been actively exploited. It’s the same flaw that was patched in iOS 16.1.2 last week.

WebKit

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.

Description: A type confusion issue was addressed with improved state handling.

CVE-2022-42856: Clément Lecigne of Google’s Threat Analysis Group

, Executive Editor

Michael Simon has been covering Apple since the iPod was the iWalk. His obsession with technology goes back to his first PC—the IBM Thinkpad with the lift-up keyboard for swapping out the drive. He's still waiting for that to come back in style tbh.

Recent stories by Michael Simon: