Apple fixes active zero-day vuln with macOS 12.2.1, iOS 15.3.1, Safari 15.3

Posted on February 10th, 2022 by

On Thursday, Apple released security updates for macOS Monterey, iOS, iPadOS, and Safari to fix an actively exploited vulnerability.

Apple describes the single vulnerability as follows:


Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Available for: macOS Monterey

Available for: macOS Big Sur and macOS Catalina [as Safari 15.3]


Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.


Description: A use after free issue was addressed with improved memory management.


CVE-2022-22620: an anonymous researcher

Little additional information is available about this specific vulnerability. However, given that Apple says that it “may have been active exploited”—meaning that it has reportedly been used in at least one in-the-wild attack—it’s important to update quickly.

After installing the latest updates, the new version numbers will be as follows:

  • iOS 15.3.1
  • iPadOS 15.3.1
  • macOS Monterey 12.2.1
  • Safari 15.3 (build number 16612. for Big Sur, or 15612. for Catalina)

The “actively exploited” nature of this vulnerability has prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to order federal agencies to patch their affected systems no later than February 25.

Apple also released watchOS 8.4.2 on Thursday, which contained “no published CVE entries”—meaning that if any security updates were included, Apple is not disclosing them at this time.

It is unclear whether other Apple software, such as watchOS, tvOS, and iCloud for Windows, may require WebKit updates to address this vulnerability as well. If so, Apple may release additional updates in the near future.

How to update to iOS 15.3.1 and iPadOS 15.3.1

To install the latest iOS or iPadOS updates, check the Settings app on your device: Settings > General > Software Update. The process is the same regardless of whether you use an iPhone, iPad, or iPod touch.

How to install watchOS 8.4.2

To install the latest watchOS update, make sure your iPhone is up to date first. Then ensure that your phone and watch are both connected to the same Wi-Fi network, and that your watch battery is charged to at least a 50%. Then open the Watch app on your phone, and tap General > Software Update.

How to update to the latest macOS and Safari versions

You can get the latest macOS version (or Safari version) that’s compatible with your Mac by clicking on Apple menuSystem Preferences… > Software Update.

If your Mac is running macOS High Sierra or older, look for macOS Monterey in the App Store and download it from there.

Note that although Apple released Safari updates for macOS Big Sur and macOS Catalina, it is best to upgrade to macOS Monterey if possible. Apple does not patch every security issue for older macOS versions; see Apple’s Poor Patching Policies Potentially Make Users’ Security and Privacy Precarious.

Apple’s Poor Patching Policies Potentially Make Users’ Security and Privacy Precarious

How to back up your Apple device before updating it

Whether you’re using iOS, iPadOS, or macOS, always back up your data before installing any updates. This gives you a restore point if something does not go as planned.

For details on how to back up your iPhone to your Mac or to iCloud (or both), see Should You Back Up Your iOS Device to iCloud or Your Mac?

Should You Back Up Your iOS Device to iCloud or Your Mac?

For backing up your Mac, it’s ideal to follow a “3-2-1 backup strategy,” and to occasionally verify that your Mac is backing up successfully.

Data Backup Plan: How to Implement the 3-2-1 Backup Strategy

How to Verify Your Backups are Working Properly

How can I learn more?

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes!

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on Pinterest Follow Intego on LinkedIn Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher, writer, and public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 20 years, which has often been featured by major news outlets worldwide. Look for more of Josh's articles at and follow him on Twitter. View all posts by Joshua Long →