The latest version of macOS doesn’t just bring us new features like Focus mode, Shortcuts, and Live Text. macOS 12.0.1 Monterey also fixes quite a few security vulnerabilities, including some within iCloud, Game Center, and the audio and graphics drivers.
macOS 12.0.1 Monterey Security Notes
Here are some of the issues resolved by macOS 12.0.1 Monterey. All of these patches are available for Mac Pro (2013 and later), MacBook Air (Early 2015 and later), MacBook Pro (Early 2015 and later), Mac mini (Late 2014 and later), iMac (Late 2015 and later), MacBook (Early 2016 and later), and iMac Pro (2017 and later).
AppKit
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved state management.
CVE-2021-30873: Thijs Alkemade of Computest
AppleScript
Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30876 and CVE-2021-30879: Jeremy Brown, hjy79425575
CVE-2021-30877 and CVE-2021-30880: Jeremy Brown
Audio
Impact: A malicious application may be able to elevate privileges
Description: An integer overflow was addressed through improved input validation.
CVE-2021-30907: Zweig of Kunlun Lab
Bluetooth
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
CVE-2021-30899: Weiteng Chen, Zheng Zhang and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America
ColorSync
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.
CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero
Continuity Camera
Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30903: an anonymous researcher
CoreAudio
Impact: Processing a maliciously crafted file may disclose user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30905: Mickey Jin (@patch1t) of Trend Micro
CoreGraphics
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed with improved input validation.
CVE-2021-30919
FileProvider
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: An input validation issue was addressed with improved memory handling.
CVE-2021-30881: Simon Huang and pjf of IceSword Lab of Qihoo 360
Game Center
Issue #1:
Impact: A malicious application may be able to access information about a user’s contacts
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30895: Denis Tokarev
Issue #2:
Impact: A malicious application may be able to read user’s gameplay data
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30896: Denis Tokarev
iCloud
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30906: Cees Elzinga
Intel Graphics Driver
Issue #1:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30824: Antonio Zekic of Diverto
Issue #2:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.
CVE-2021-30901: Zuozhi Fan of Ant Security TianQiong Lab, Yinyi Wu of Ant Security Light-Year Lab, Jack Dates of RET2 Systems, Inc.
IOGraphics
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30821: Tim Michaud of Zoom Video Communications
IOMobileFrameBuffer
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30883: an anonymous researcher
Kernel
Issue #1:
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
CVE-2021-30886: @0xalsr
Issue #2:
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30909: Zweig of Kunlun Lab
Issue #3:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30916: Zweig of Kunlun Lab
LaunchServices
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A logic issue was addressed with improved state management.
CVE-2021-30864: Ron Hass of Perception Point
Login Window
Impact: A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS
Description: This issue was addressed with improved checks.
CVE-2021-30813: Benjamin Berger of BBetterTech LLC, Peter Goedtkindt of Informatique-MTF S.A., an anonymous researcher
Model I/O
Issue #1:
Impact: Processing a maliciously crafted file may disclose user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30910: Mickey Jin (@patch1t) of Trend Micro
Issue #2:
Impact: Processing a maliciously crafted USD file may disclose memory contents
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab
Sandbox
Impact: A local attacker may be able to read sensitive information
Description: A permissions issue was addressed with improved validation.
CVE-2021-30920: Csaba Fitzl of Offensive Security
SMB
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs
SoftwareUpdate
Issue #1:
Impact: A malicious application may gain access to a user’s Keychain items
Description: The issue was addressed with improved permissions logic.
CVE-2021-30912: Kirin and chenyuwang of Tencent Security Xuanwu Lab
Issue #2:
Impact: An unprivileged application may be able to edit NVRAM variables
Description: The issue was addressed with improved permissions logic.
CVE-2021-30913: Kirin and chenyuwang of Tencent Security Xuanwu Lab
UIKit
Impact: A person with physical access to an iOS device may be able to determine characteristics of a user’s password in a secure text entry field
Description: A logic issue was addressed with improved state management.
CVE-2021-30915: Kostas Angelopoulos
WebKit
Issue #1:
Impact: An attacker in a privileged network position may be able to bypass HSTS
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30823: David Gullasch of Recurity Labs
Issue #2:
Impact: Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30887: Narendra Bhati of Suma Soft Pvt. Ltd.
Issue #3:
Impact: A malicious website using Content Security Policy reports may be able to leak information via redirect behavior
Description: An information leakage issue was addressed.
CVE-2021-30888: Prakash
Issue #4:
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A buffer overflow issue was addressed with improved memory handling.
CVE-2021-30889: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab
Issue #5:
Impact: A malicious application may bypass Gatekeeper checks
Description: A logic issue was addressed with improved state management.
CVE-2021-30861: Wojciech Reguła, Ryan Pickren
Issue #6:
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2021-30890: an anonymous researcher
WindowServer
Impact: A local attacker may be able to view the previously logged-in user’s desktop from the fast user switching screen
Description: An authentication issue was addressed with improved state management.
CVE-2021-30908: ASentientBot
xar
Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files
Description: This issue was addressed with improved checks.
CVE-2021-30833: Richard Warren of NCC Group
zsh
Impact: A malicious application may be able to modify protected parts of the file system
Description: An inherited permissions issue was addressed with additional restrictions.
CVE-2021-30892: Jonathan Bar Or of Microsoft