Forgot password?

Apple release update to address a new WebKit flaw

Threat Intelligence from DigitalXRAID’s Security Operations Centre analysts:

DigitalXRAID’s Security Operations Centre Analysts have reported that Apple have just released an update for iOS, iPadOS, macOS and Safari web browser in order to address a new WebKit flaw that may have been actively exploited in the wild.

Read more about the CVE detail here: CVE-2022-22620

The CVSS (Common Vulnerability Scoring System) Severity Score has been rated as: 8.4

Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and could be exploited by a piece of specially crafted web content to gain arbitrary code execution.

This vulnerability affects:

  • Versions prior to iOS 15.3.1
  • Versions prior to iPadOS 15.3.1
  • Versions prior to macOS Monterey 12.2.1
  • Versions prior to Safari 15.3

Remediation of Vulnerabilities

iOS 15.3.1 and iPadOS 15.3.1 updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).

Devices running macOS Monterey should be updated to version 12.2.1.

Safari 15.3 updates are available for devices running macOS Big Sur and macOS Catalina.

DigitalXRAID’s SOC Analysts recommend that any supported devices are updated immediately.

If you discover that you’ve suffered a breach and need help urgently, get in contact with us. You can call our emergency line on 0800 066 4509 to speak to one of our experts. They’re available 24 hours a day, 7 days a week. Bookmark this page in case you ever need us.  

If you need any support in mitigating any risks this vulnerability may have on your business, please don’t hesitate to get in contact 

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert


Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]