⚡ TL;DR | Go Straight to the macOS version audit
Apple has released security updates for several operating systems. MacOS Monterey 12.6.3, Big Sur 11.7.3, and Ventura 13.2 all come with a slew of security fixes. MacOS Ventura 3.2 also offers a number of further improvements on top of those.
Updates for MacOS Monterey, Big Sur, and Ventura
The main focus of Apple’s latest updates is on security content. The updates contain fixes for 18 vulnerabilities in Monterey, 8 in Big Sur, and 26 in Ventura. As always, Apple only discloses details surrounding known vulnerabilities when patches or releases are available. You can find a list of all vulnerabilities addressed in the updates below, or you can head over to Apple’s own security pages to get the full details, using the link below.
- Security content of macOS Monterey 12.6.3
- Security content of macOS Big Sur 11.7.3
- Security content of macOS Ventura 13.2
MacOS Ventura 13.2
Besides the 26 security fixes, macOS Ventura also received a number of new features. The most main one would be the Security Keys for Apple ID. The need for a physical security key adds an extra layer of security to your account. The update also fixes some issues in Freeform and VoiceOver. You can find the details here on Apple’s own blog.
Run the MacOS Update Audit Report
Our security experts have issued a dedicated macOS Audit Report that gives you an overview of all devices that haven’t received the latest update. This way you have an actionable list of devices that still need to be updated.
MacOS Monterey 12.6.3, Big Sur 11.7.3, and Ventura 13.2 Security Content
| CVE | Impact | macOS |
| CVE-2023-23499 | An app may be able to access user-sensitive data | Ventura, Big Sur, Monterey |
| CVE-2022-42915 | Multiple issues in curl | Ventura, Monterey |
| CVE-2022-42916 | Multiple issues in curl | Ventura, Monterey |
| CVE-2022-32221 | Multiple issues in curl | Ventura, Monterey |
| CVE-2022-35260 | Multiple issues in curl | Ventura, Monterey |
| CVE-2023-23513 | Mounting a maliciously crafted Samba network share may lead to arbitrary code execution | Ventura, Big Sur, Monterey |
| CVE-2023-23493 | An encrypted volume may be unmounted and remounted by a different user without prompting for the password | Ventura, Monterey |
| CVE-2023-23519 | Processing an image may lead to a denial-of-service | Ventura |
| CVE-2023-23507 | An app may be able to execute arbitrary code with kernel privileges | Ventura, Monterey |
| CVE-2023-23500 | An app may be able to leak sensitive kernel state | Ventura |
| CVE-2023-23502 | An app may be able to determine kernel memory layout | Ventura, Monterey |
| CVE-2023-23504 | An app may be able to execute arbitrary code with kernel privileges | Ventura, Monterey |
| CVE-2023-23506 | An app may be able to access user-sensitive data | Ventura |
| CVE-2023-23498 | The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account | Ventura |
| CVE-2023-23503 | An app may be able to bypass Privacy preferences | Ventura |
| CVE-2023-23497 | An app may be able to gain root privileges | Ventura, Big Sur, Monterey |
| CVE-2023-23510 | An app may be able to access a user’s Safari history | Ventura |
| CVE-2023-23512 | Visiting a website may lead to an app denial-of-service | Ventura, Big Sur |
| CVE-2023-23505 | An app may be able to access information about a user’s contacts | Ventura, Monterey |
| CVE-2022-3705 | Multiple issues in Vim | Ventura |
| CVE-2023-23511 | An app may be able to bypass Privacy preferences | Ventura, Monterey |
| CVE-2023-23496 | Processing maliciously crafted web content may lead to arbitrary code execution | Ventura |
| CVE-2023-23518 | Processing maliciously crafted web content may lead to arbitrary code execution | Ventura, Big Sur, Monterey |
| CVE-2023-23517 | Processing maliciously crafted web content may lead to arbitrary code execution | Ventura, Big Sur, Monterey |
| CVE-2023-23501 | An app may be able to disclose kernel memory | Ventura |
| CVE-2023-23508 | An app may be able to bypass Privacy preferences | Ventura, Big Sur, Monterey |
| CVE-2022-35252 | Multiple issues in curl | Big Sur, Monterey |
| CVE-2022-32915 | An app may be able to execute arbitrary code with kernel privileges | Monterey |