In October, we got several security and software updates for Android, iOS, Windows, Chrome, and Zoom. New patches and fixes for important security vulnerabilities, bugs, and improved security features. These updates are automatically downloaded to devices if the device is set to auto-download. But if the automatic download is disabled, updating the software with the latest patches is highly recommended to keep your device safe.
Here is the list of the latest patches rolled out by Apple, Google, Microsoft, and Zoom that your device should update at the earliest.
Apple iOS 16.1 and iPadOS 16 update
Apple released iOS 16.1 and iPadOS 16 right after the release of the latest iPad lineup. Both have a list of security fixes that include a zero-day vulnerability. The OS update fixes a total of 20 vulnerabilities, three of which are in the kernel, the core component of the iPhone’s operating system. The iOS 16.1 also fixes four flaws in WebKit, the engine that powers the Safari browser, two of which could be used to execute code.
New Google Android update fixes system bugs
Google released the October Android Security Bulletin with patches for 33 kernel and vendor-related flaws and 15 Framework and Systems. One vulnerability in the Framework component is a serious security issue that could result in local network access and is designated CVE-2022-20419. This update is now available for Samsung Galaxy S21, S22, Galaxy S21 FE and Pixel devices.
Google emergency update for Chrome
Google released another emergency update for Google Chrome users to address a type of confusion vulnerability in the V8 JavaScript engine. Classified as CVE-2022-3723, the flaw could be used to run programs and take over system controls. Google also released Chrome 106 earlier this month, fixing six high-severity vulnerabilities.
Microsoft patch
Microsoft also released its security fixes for the Windows operating system (OS), targeting 84 flaws. 13 of the laws listed are rated critical. The Windows COM+ Event System service is LAO vulnerable to one of the elevations of privilege flaws, tracked as CVE-2022-41033. The vulnerability is critical and affects almost all versions of Windows. If exploited, it could be combined with other bugs to hack into someone’s computer.
Zoom resolves high-security issues in Zoom meetings
The Zoom October patches include a flaw in its Zoom client for meetings. Addressed as CVE-2022-28763, the security issue is marked as High in severity with a CVSS score of 8.8. Describe the malware; Zoom cited in its security bulletin that “if a malicious Zoom meeting URL is opened, the link can direct the user to connect to an arbitrary network address, leading to additional attacks including takeover of session”. Users using Zoom version 5.12. 2 are recommended to update the software to avoid a security breach.