News

macOS Monterey 12.6 With Security Updates Now Available to Public

While we likely have to wait for macOS Ventura 13 to be released to the public in October (when new Macs will likely also be unveiled), there is a macOS Monterey 12.6 update available as of today. The update is the sixth major update to Monterey, and comes a few months after the release of macOS Monterey 12.5.

The Monterey 12.6 update can be downloaded to a compatible Mac via the Software Update section of System Preferences. Like all Mac updates, ‌the macOS Monterey update is available free of charge.

‌macOS Monterey‌ 12.6 addresses a number of kernel vulnerabilities, and brings fixes for issues with maps, iMovie, ATS, MediaLibrary, and PackageKit.

From Apple Support:

macOS Monterey 12.6

Released September 12, 2022

ATS

Available for: macOS Monterey

Impact: An app may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2022-32902: Mickey Jin (@patch1t)

iMovie

Available for: macOS Monterey

Impact: A user may be able to view sensitive user information

Description: This issue was addressed by enabling hardened runtime.

CVE-2022-32896: Wojciech Reguła (@_r3ggi)

Kernel

Available for: macOS Monterey

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32911: Zweig of Kunlun Lab

Kernel

Available for: macOS Monterey

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel

Available for: macOS Monterey

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: The issue was addressed with improved bounds checks.

CVE-2022-32917: an anonymous researcher

Maps

Available for: macOS Monterey

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas, breakpointhq.com

MediaLibrary

Available for: macOS Monterey

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

PackageKit

Available for: macOS Monterey

Impact: An app may be able to gain elevated privileges

Description: A logic issue was addressed with improved state management.

CVE-2022-32900: Mickey Jin (@patch1t)

Apple says that one kernel vulnerability has been actively exploited, so all ‌macOS Monterey‌ users are strongly recommended to update to the new version of the operating system as soon as possible.

A macOS Big Sur 11.7 update with security fixes has also been released.

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.