Apple Fixed Two Actively Exploited Vulnerabilities in macOS 12.3.1 Monterey, But Hasn't Released Updates for Big Sur or Catalina
With the release of macOS Monterey 12.3.1 on Thursday, March 31, Apple addressed two critical vulnerabilities that may have been actively exploited in the wild, but as Intego pointed out this week, Apple left macOS Big Sur and macOS Catalina users vulnerable.

The macOS Monterey 12.3.1 update fixed a pair of security flaws, including an AppleAVD issue that could allow an application to execute arbitrary code with kernel privileges and an Intel Graphics Driver issue that could allow an application to read kernel memory. Apple said that it was aware of reports that these vulnerabilities "may have been actively exploited," aka there are attacks that use these specific security holes.
Apple often provides security updates for macOS Catalina and macOS Big Sur users alongside macOS Monterey updates to make sure that Mac users who continue to run older operating systems remain protected. Apple has not done so in this case, and there are no security fixes for macOS 11 Big Sur or macOS 10.15 Catalina.
macOS Big Sur and macOS Catalina are still being supported with updates for notable vulnerabilities, so it is not clear why security fixes have not been released. According to Intego, this is the first time that Apple has not released simultaneous security patches for Big Sur and Catalina alongside fixes provided for macOS Monterey.
Big Sur remains vulnerable to CVE-2022-22675 (the AppleAVD bug), while CVE-2022-22674 (an Intel Graphics Driver bug) likely impacts both Big Sur and Catalina, based on research conducted by Intego.
There are some Mac users who choose to remain on Big Sur or Catalina who could install Monterey to get security fixes, but other Mac users have older hardware that is not able to be updated to Monterey, and these users have no way to address the security flaws that are now publicized.
Intego estimates that around 35 percent of Macs in use today could be affected by one or both vulnerabilities, and Apple has not responded to the site's request for an update on when security fixes might come out for Big Sur and Catalina.
Popular Stories
The iPhone 15 Pro Max will have the thinnest bezels of any smartphone, beating the record currently held by the Xiaomi 13. That's according to the leaker known as "Ice Universe," who has divulged accurate information about Apple's plans in the past.
Both iPhone 15 Pro models are expected to have thinner, curved bezels compared to the iPhone 14 Pro, potentially resulting in an Apple...
While year-over-year iPhone upgrades are not always groundbreaking, new features can begin to stack up over multiple generations. For example, the iPhone 15 Pro will be a notable upgrade for those who still have a three-year-old iPhone 12 Pro.
If you are still using an iPhone 12 Pro and are considering upgrading to the iPhone 15 Pro when it launches later this year, we have put together a...
While the iPhone 15 lineup is around six months away, there have already been plenty of rumors about the devices. Many new features and changes are expected for the iPhone 15 Pro models in particular, including a titanium frame and more.
Below, we have recapped 11 features rumored for iPhone 15 Pro models that are not expected to be available on the standard iPhone 15 and iPhone 15 Plus:A17...
Apple's high-end iPhone models have started at $999 in the U.S. since they first launched back in 2017 with the iPhone X, but could this finally be the year that starting price sees an increase?
This week also saw some more rumors about Apple's upcoming headset and the company's explorations in the booming AI industry as well as the release of a new round of beta updates, so read on for all...
Apple's next-generation iPhone 15 Pro and iPhone 15 Pro Max will likely be more expensive than previous Pro models, according to Jeff Pu, a tech analyst at Hong Kong-based investment firm Haitong International Securities.
In a research note this week, Pu predicted the iPhone 15 Pro models will see a price increase due to several rumored hardware upgrades, including a titanium frame,...
A first-generation iPhone still sealed inside its box sold for $54,904 at auction, which is more than $54,000 over the original $599 price tag of the device when it was released in 2007.
The original iPhone was put up for sale by RR Auction on behalf of a former Apple employee who purchased it back when it first came out. Back in February, an original, sealed iPhone sold for over $63,000,...
Top Rated Comments
Big Sur and Catalina did get theirs on the same day with 12.3:
But they didn't with 12.2.1:
So, it's not unprecedented for there to be a gap of a few days.
----------
A good discussion about how macOS inconsistencies and opaque updates are hurting users, for anybody interested:
"As far as macOS goes, everyone will tell you that Apple supports the current version for about a year before it’s replaced by a new major release, then provides two years of security updates for it. The strange thing about that is Apple doesn’t seem to have committed that to writing, and I’ve searched long and hard for its official policy on many occasions. This article sets out what Apple has actually done over the last few years, from OS X Mavericks onwards."
https://eclecticlight.co/2021/09/22/how-long-does-apple-support-macos/
I'm using a lot of apps that are too complex to be fully compatible with a new OS on day one, so I'm still running Big Sur. I'm not sure why Apple isn't updating Big Sur and Catalina. They really should communicate about it, but Apple's communication is lacking lately. I don't see why they can't backport the fixes with minimal effort certainly if they're actively exploited.
How is it that a smaller company like Microsoft can offer a much longer support window than Apple? Take a look at Windows 10. It came out on Jul 29, 2015 and Microsoft will be supporting it until Oct 14, 2025 ('https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro')
5 years of mainstream support from the release date and 10 years of extended support is pretty darn impressive.
"macOS Catalina Security Update Developer Beta 2022-004 10.15.7"
So I suspect it's in the pipe for a GM release.