Apple Fixed Two Actively Exploited Vulnerabilities in macOS 12.3.1 Monterey, But Hasn't Released Updates for Big Sur or Catalina

by

With the release of macOS Monterey 12.3.1 on Thursday, March 31, Apple addressed two critical vulnerabilities that may have been actively exploited in the wild, but as Intego pointed out this week, Apple left macOS Big Sur and macOS Catalina users vulnerable.

macOS Big Sur Feature Triad
The macOS Monterey 12.3.1 update fixed a pair of security flaws, including an AppleAVD issue that could allow an application to execute arbitrary code with kernel privileges and an Intel Graphics Driver issue that could allow an application to read kernel memory. Apple said that it was aware of reports that these vulnerabilities "may have been actively exploited," aka there are attacks that use these specific security holes.

Apple often provides security updates for macOS Catalina and macOS Big Sur users alongside macOS Monterey updates to make sure that Mac users who continue to run older operating systems remain protected. Apple has not done so in this case, and there are no security fixes for macOS 11 Big Sur or macOS 10.15 Catalina.

macOS Big Sur and macOS Catalina are still being supported with updates for notable vulnerabilities, so it is not clear why security fixes have not been released. According to Intego, this is the first time that Apple has not released simultaneous security patches for Big Sur and Catalina alongside fixes provided for macOS Monterey.

Big Sur remains vulnerable to CVE-2022-22675 (the AppleAVD bug), while CVE-2022-22674 (an Intel Graphics Driver bug) likely impacts both Big Sur and Catalina, based on research conducted by Intego.

There are some Mac users who choose to remain on Big Sur or Catalina who could install Monterey to get security fixes, but other Mac users have older hardware that is not able to be updated to Monterey, and these users have no way to address the security flaws that are now publicized.

Intego estimates that around 35 percent of Macs in use today could be affected by one or both vulnerabilities, and Apple has not responded to the site's request for an update on when security fixes might come out for Big Sur and Catalina.

Related Forums: macOS Catalina, macOS Big Sur

Popular Stories

iPhone 17 Roundup Feature 2

iPhone Design to Change 'Significantly' This Year

Monday February 17, 2025 7:09 am PST by
Apple is set to "significantly change" the iPhone's design language later this year, according to a Weibo leaker. In a new post, the user known "Digital Chat Station" said that the iPhone's design is "starting to change significantly" this year. The "iPhone 17 Air" reportedly features a "horizontal, bar-shaped" design on the rear, likely referring to an elongated camera bump. On the other...
Read Full Article241 comments
Apple iPhone 16e Feature

Apple Announces iPhone 16e With A18 Chip and Apple Intelligence, Pricing Starts at $599

Wednesday February 19, 2025 8:02 am PST by
Apple today introduced the iPhone 16e, its newest entry-level smartphone. The device succeeds the third-generation iPhone SE, which has now been discontinued. The iPhone 16e features a larger 6.1-inch OLED display, up from a 4.7-inch LCD on the iPhone SE. The display has a notch for Face ID, and this means that Apple no longer sells any iPhones with a Touch ID fingerprint button, marking the ...
Read Full Article565 comments
iOS 18

iOS 18.4 Coming Next Week With These New Features for Your iPhone

Friday February 14, 2025 6:18 am PST by
The first iOS 18.4 beta for iPhones should be just around the corner, and the update is expected to include many new features and changes. Bloomberg's Mark Gurman expects the iOS 18.4 beta to be released by next week. Below, we outline what to expect from iOS 18.4 so far. Apple Intelligence for Siri Siri is expected to get several enhancements powered by Apple Intelligence on iOS...
Read Full Article
apple launch feb 2025

Tim Cook Teases an 'Apple Launch' Next Wednesday

Thursday February 13, 2025 8:07 am PST by
In a social media post today, Apple CEO Tim Cook teased an upcoming "launch" of some kind scheduled for Wednesday, February 19. "Get ready to meet the newest member of the family," he said, with an #AppleLaunch hashtag. The post includes a short video with an animated Apple logo inside a circle. Cook did not provide an exact time for the launch, or share any other specific details, so...
Read Full Article286 comments
iphone 17 pro asherdipps

iPhone 17 Pro Models Rumored to Feature Aluminum Frame Instead of Titanium Frame

Tuesday February 18, 2025 12:02 pm PST by
Over the years, Apple has switched from an aluminum frame to a stainless steel frame to a titanium frame for its highest-end iPhones. And now, it has been rumored that Apple will go back to using aluminum for three out of four iPhone 17 models. In an investor note with research firm GF Securities, obtained by MacRumors this week, Apple supply chain analyst Jeff Pu said the iPhone 17, iPhone...
Read Full Article165 comments
Apple 2025 Thumb 1

Two of Apple's Oldest Products Are Finally Getting Updated This Year

Friday February 14, 2025 6:03 am PST by
Apple released the HomePod mini in November 2020, followed by the AirTag in May 2021, and both still remain first-generation products. Fortunately, rumors suggest that both the HomePod mini and the AirTag will finally be updated at some point this year. Below, we recap rumors about the HomePod mini 2 and AirTag 2. HomePod mini 2 In January 2025, Bloomberg's Mark Gurman said Apple is ...
Read Full Article
macbook air blue

Gurman: M4 MacBook Air Models to Launch by March 'At the Latest'

Monday February 17, 2025 2:30 am PST by
Apple will begin selling new MacBook Air models featuring its latest M4 chip by March "at the latest," mirroring the time frame of the M3 MacBook Air launch last year, according to Bloomberg's Mark Gurman. Apple last updated the MacBook Air line in March 2024. Gurman's comments appeared in his latest Power On newsletter, suggesting the reporter is no further forward on learning the exact...
Read Full Article64 comments
iPhone 17 Air Front Page Tech 2

'iPhone 17 Air' With Ultra-Thin Design Allegedly Revealed in New Video

Monday February 17, 2025 6:53 pm PST by
YouTube channel Front Page Tech today revealed the alleged design of Apple's widely-rumored "iPhone 17 Air" model, set to launch later this year. "iPhone 17 Air" render created by @zellzoi for Front Page Tech In a video uploaded today, Front Page Tech shared renders depicting what it believes is likely the final design of the "iPhone 17 Air." The device is expected to feature an ultra-thin...
Read Full Article118 comments

Top Rated Comments

chucker23n1 Avatar
chucker23n1
38 months ago

According to Intego, this is the first time that Apple has not released simultaneous patches for Big Sur and Catalina alongside a security update provided for macOS Monterey.
It's not.

Big Sur and Catalina did get theirs on the same day with 12.3:



But they didn't with 12.2.1:




So, it's not unprecedented for there to be a gap of a few days.

Attachment Image

Attachment Image
Score: 20 Votes (Like | Disagree)
KaliYoni Avatar
KaliYoni
38 months ago
This is terrible on Apple's part because even Mac users who stay within the last two releases of macOS are, often unknowingly as Intego's research revealed, put at risk. Worse, the lack of any written support timeline makes it impossible to have any kind of rational upgrade plan.

----------
A good discussion about how macOS inconsistencies and opaque updates are hurting users, for anybody interested:

"As far as macOS goes, everyone will tell you that Apple supports the current version for about a year before it’s replaced by a new major release, then provides two years of security updates for it. The strange thing about that is Apple doesn’t seem to have committed that to writing, and I’ve searched long and hard for its official policy on many occasions. This article sets out what Apple has actually done over the last few years, from OS X Mavericks onwards."
https://eclecticlight.co/2021/09/22/how-long-does-apple-support-macos/
Score: 17 Votes (Like | Disagree)
ouimetnick Avatar
ouimetnick
38 months ago
Wish they still actively supported macOS Mojave.. Folks still use that OS for certain things (32 bit apps, dashboard, iTunes, etc)
Score: 17 Votes (Like | Disagree)
Bokito Avatar
Bokito
38 months ago
Apple is more and more pushing users to use the latest OS. That they removed the option to hide the nagging notification of new OS versions with a security update was just the start. Just providing a single patch for iOS 14 after the iOS 15 launch after promising 'it would continue to receive update' was a big FU to users.

I'm using a lot of apps that are too complex to be fully compatible with a new OS on day one, so I'm still running Big Sur. I'm not sure why Apple isn't updating Big Sur and Catalina. They really should communicate about it, but Apple's communication is lacking lately. I don't see why they can't backport the fixes with minimal effort certainly if they're actively exploited.
Score: 15 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
38 months ago

Every company has limited engineering resources and Apple is no different.

Ideally, everything is updated at the same time with no bugs. Realistically, Apple needs to focus on the latest OS and most recent devices.
Apple, a nearly $3 trillion company, with limited engineering resources? ?

How is it that a smaller company like Microsoft can offer a much longer support window than Apple? Take a look at Windows 10. It came out on Jul 29, 2015 and Microsoft will be supporting it until Oct 14, 2025 ('https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro')

5 years of mainstream support from the release date and 10 years of extended support is pretty darn impressive.
Score: 8 Votes (Like | Disagree)
visualseed Avatar
visualseed
38 months ago
I have a 2012 Mac Mini that is on the beta track for Catalina and just got notified of an update

"macOS Catalina Security Update Developer Beta 2022-004 10.15.7"

So I suspect it's in the pipe for a GM release.
Score: 7 Votes (Like | Disagree)
Read All Comments