Older macOS versions reportedly remain insecure after Apple chose only to patch Monterey

Apple patched two major flaws last week, but apparently only for macOS Monterey

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Last week,Applereleased an important updatefor its devices,patchingtwo major security flaws. However, it has now been suggested that not all macOS versions received the fix.

Although macOS Monterey users are now protected from the vulnerabilities with the latest update, those running Big Sur and Catalina remain exposed, a security researcher has claimed.

Speaking to analysts,The Registerfound that Big Sur users are in a more vulnerable position than those using Catalina. According to chief security analyst for Intego, Joshua Long, Catalina lacks the AppleAVD component for decoding audio and video and is therefore immune to one of the vulnerabilities. The other flaw, however, affects both versions.

So far, Apple has remained quiet on the matter.TechRadar Prohas reached out to the company’s representatives, but did not receive an immediate response.

We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time. Thank you for taking part.

Click here to start the survey in a new window«

macOS vulnerabilities

macOS Catalina was first released in October 2019, and should hit end-of-life in November this year, while macOS Big Sur hit the virtual shelves a year later, in November 2020, and should be supported until November 2023.

However, Long says that at least a third of Macs currently being used run on one of the vulnerableoperating systems.

The first flaw is an out-of-bounds write vulnerability in theIntelGraphics Driver that allows apps to read kernel memory, while the second is an out-of-bounds read issue in the AppleAVD media decoder, allowing apps to execute arbitrary code with kernel privileges.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Apple just patched a whole load of iPad, macOS and iPhone security bugs, so update now>Patch your iPhone and iPad: Apple security update stamps out active exploit>Apple releases emergency iOS and macOS security patch - so update now

Apple says the flaws might have been exploited in the wild, most likely foridentity theft,malwaredistribution, and other malicious activity, so users are urged to update their operating systems to the newest version as soon as possible.

In addition to Apple Macs, all iPhone models from the iPhone 6 onwards are affected, as well as a wide range of iPad and iPod Touch models.

ViaThe Register

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

Google TV will require more RAM for future upgrades – which might leave older TVs and streaming boxes behind