While Apple continues beta testing of macOS 12 Monterey, a new macOS Big Sur update has landed for all Mac users with 11.6. The new software hasn’t been beta tested and brings two important security updates that may have been actively exploited. There’s also an update for those running macOS Catalina.
macOS 11.6 arrived today alongside iOS 14.8 and watchOS 7.6.2. The main changes are two security updates. And along with the update for Big Sur, Apple has also released the security update for macOS Catalina, however, just one flaw fix was needed there.
Here are the specifics on the Big Sur security fixes. Notably, Apple says that both flaws may have been “actively exploited.”
CoreGraphics
Available for: macOS Big Sur
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An integer overflow was addressed with improved input validation.
CVE-2021-30860: The Citizen Lab
WebKit
Available for: macOS Big Sur
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A use after free issue was addressed with improved memory management.
CVE-2021-30858: an anonymous researcher
macOS 11.6 (build number 20G165) is available for all users and should be showing up in System Preferences > Software Update soon if it’s not already.
FTC: We use income earning auto affiliate links. More.
Comments