Apple has released an IOS update for Apple devices that fixes the CVE- 2022-22620 vulnerability in the WebKit browser engine that hackers would have already exploited in a wild. And they urge the users to update the IOS with the latest updates as they have already been hacked by unknown hackers’ groups. 

As per the security experts, the vulnerability is critical as it belongs to the (UAF) User-After-Free class which is related to incorrect use of dynamic memory application in IOS. Attackers exploiting the UAF feature will allow them to create malicious web content which can lead to Remote Code Execution on the victim’s Apple device. 

According to Apple, Vulnerability will affect the browser such as Chrome, Mozilla, and default browser Safari even if the user doesn’t use it and they have not explained the details of the Vulnerabilities further. And Apple has released the patch update for iPhone 6s and newer models and Models such as iPad OS & macOS as well. 

To keep ourselves protected from this vulnerability, update the patch released on February 10 by Apple to prevent the exploitation of CVE-2022-22620. And it is recommended to install iOS 15.3.1 and iPad 15.3.1.

By Michael

Writer of Infohaunt is an Cyber Security Professional have experience in SOC operations, Threat Management, Incident Response, Threat Hunting, Digital Forensics.