News

Apple hasn’t patched two zero-day, wild vulnerabilities in macOS Big Sur, Catalina

Apple “has chosen to leave an estimated 35–40% of all supported Macs in danger of actively exploited vulnerabilities,” reports The Mac Security Blog.

Last week Apple patched two “actively exploited” (i.e. in-the-wild, zero-day) security vulnerabilities for macOS with macOS 12.3.1. However, after nearly a week, Apple still hasn’t released corresponding security updates to address the same vulnerabilities in the two previous macOS versions, Big Sur (macOS 11) and Catalina (macOS 10.15).

From The Mac Security Blog: Both of these macOS versions are ostensibly still receiving patches for “significant vulnerabilities”—and actively exploited zero-day vulnerabilities certainly qualify as significant. Apple has maintained the practice of patching the two previous macOS versions alongside the current macOS version for nearly a decade. But now, Apple has neglected to patch both Big Sur and Catalina to address the latest actively exploited vulnerabilities.

Dennis Sellers
the authorDennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.