Apple Fixed Two Actively Exploited Vulnerabilities in macOS 12.3.1 Monterey, But Hasn't Released Updates for Big Sur or Catalina

With the release of macOS Monterey 12.3.1 on Thursday, March 31, Apple addressed two critical vulnerabilities that may have been actively exploited in the wild, but as Intego pointed out this week, Apple left macOS Big Sur and macOS Catalina users vulnerable.

macOS Big Sur Feature Triad
The macOS Monterey 12.3.1 update fixed a pair of security flaws, including an AppleAVD issue that could allow an application to execute arbitrary code with kernel privileges and an Intel Graphics Driver issue that could allow an application to read kernel memory. Apple said that it was aware of reports that these vulnerabilities "may have been actively exploited," aka there are attacks that use these specific security holes.

Apple often provides security updates for macOS Catalina and macOS Big Sur users alongside macOS Monterey updates to make sure that Mac users who continue to run older operating systems remain protected. Apple has not done so in this case, and there are no security fixes for macOS 11 Big Sur or macOS 10.15 Catalina.

macOS Big Sur and macOS Catalina are still being supported with updates for notable vulnerabilities, so it is not clear why security fixes have not been released. According to Intego, this is the first time that Apple has not released simultaneous security patches for Big Sur and Catalina alongside fixes provided for macOS Monterey.

Big Sur remains vulnerable to CVE-2022-22675 (the AppleAVD bug), while CVE-2022-22674 (an Intel Graphics Driver bug) likely impacts both Big Sur and Catalina, based on research conducted by Intego.

There are some Mac users who choose to remain on Big Sur or Catalina who could install Monterey to get security fixes, but other Mac users have older hardware that is not able to be updated to Monterey, and these users have no way to address the security flaws that are now publicized.

Intego estimates that around 35 percent of Macs in use today could be affected by one or both vulnerabilities, and Apple has not responded to the site's request for an update on when security fixes might come out for Big Sur and Catalina.

Related Forums: macOS Catalina, macOS Big Sur

Popular Stories

maxresdefault

Five Features Coming to AirPods Pro 3

Friday June 27, 2025 10:52 am PDT by
Apple hasn't updated the AirPods Pro since 2022, and the earbuds are due for a refresh. We're counting on a new model this year, and we've seen several hints of new AirPods tucked away in Apple's code. Rumors suggest that Apple has some exciting new features planned that will make it worthwhile to upgrade to the latest model. Subscribe to the MacRumors YouTube channel for more videos. Heal...
iPhone Car Key WWDC 2025

Apple Announces 13 Automakers Planning to Offer iPhone Car Keys

Friday June 27, 2025 11:42 am PDT by
In 2020, Apple added a digital car key feature to its Wallet app, allowing users to lock, unlock, and start a compatible vehicle with an iPhone or Apple Watch. The feature is currently offered by select automakers, including Audi, BMW, Hyundai, Kia, Genesis, Mercedes-Benz, Volvo, and a handful of others, and it is set to expand further. During its WWDC 2025 keynote, Apple said that 13...
anker power bank recall

PSA: Anker Recalls Multiple Power Banks Due to Fire Risk

Friday June 27, 2025 4:16 pm PDT by
Popular accessory maker Anker this month launched two separate recalls for its power banks, some of which may be a fire risk. The first recall affects Anker PowerCore 10000 Power Banks sold between June 1, 2016 and December 31, 2022 in the United States. Anker says that these power banks have a "potential issue" with the battery inside, which can lead to overheating, melting of plastic...
Chase Sapphire Reserve Apple Perk Feature

Chase Sapphire Reserve Card Introduces New Perk for Apple Customers

Wednesday June 25, 2025 2:08 pm PDT by
Chase this week announced a series of new perks for its premium Sapphire Reserve credit card, and one of them is for a pair of Apple services. Specifically, the credit card now offers complimentary annual subscriptions to Apple TV+ and Apple Music, a value of up to $250 per year. If you are already paying for Apple TV+ and/or Apple Music directly through Apple, those subscriptions will...
A18 Pro Chip

New MacBook With A18 Pro Chip Spotted in Apple Code

Monday June 30, 2025 8:05 am PDT by
Apple is developing a MacBook with the A18 Pro chip, according to findings in backend code uncovered by MacRumors. Earlier today, Apple analyst Ming-Chi Kuo reported that Apple is planning to launch a low-cost MacBook powered by an iPhone chip. The machine is expected to feature a 13-inch display, the A18 Pro chip, and color options that include silver, blue, pink, and yellow. MacRumors...
iPhone 17 Pro Blue Feature Tighter Crop

iPhone 17 Pro Launching in a Few Months With These 12 New Features

Thursday June 26, 2025 2:00 am PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are around three months away, and there are plenty of rumors about the devices. Apple is expected to launch the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max in September this year. Below, we recap key changes rumored for the iPhone 17 Pro models:Aluminum frame: iPhone 17 Pro models are rumored to have an...
macbook air spacegray purple

Apple Planning to Launch Low-Cost MacBook Powered By iPhone Chip

Monday June 30, 2025 3:20 am PDT by
Apple is planning to launch a low-cost MacBook powered by an iPhone chip, according to Apple analyst Ming-Chi Kuo. In an article published on X, Kuo explained that the device will feature a 13-inch display and the A18 Pro chip, making it the first Mac powered by an iPhone chip. The A18 Pro chip debuted in the iPhone 16 Pro last year. To date, all Apple silicon Macs have contained M-series...
CarPlay Ultra Climate Controls

Here's Which Vehicle Brands Will and Won't Offer Apple's CarPlay Ultra

Friday June 27, 2025 9:52 am PDT by
Apple last month announced the launch of CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. There was news this week about which automakers will and won't offer CarPlay Ultra, and we have provided an updated list below. CarPlay Ultra is currently limited to newer Aston Martin vehicles in the U.S. and Canada. Fortunately, if you cannot...
apple watch ultra 2 new black

Apple Watch Ultra 3 Finally Coming After Two-Year Hiatus

Tuesday June 24, 2025 3:40 am PDT by
Apple will finally deliver the Apple Watch Ultra 3 sometime this year, according to analyst Jeff Pu of GF Securities Hong Kong (via @jukanlosreve). The analyst expects both the Apple Watch Series 11 and Apple Watch Ultra 3 to arrive this year (likely alongside the new iPhone 17 lineup, if previous launches are anything to go by), according to his latest product roadmap shared with...

Top Rated Comments

chucker23n1 Avatar
42 months ago

According to Intego, this is the first time that Apple has not released simultaneous patches for Big Sur and Catalina alongside a security update provided for macOS Monterey.
It's not.

Big Sur and Catalina did get theirs on the same day with 12.3:



But they didn't with 12.2.1:




So, it's not unprecedented for there to be a gap of a few days.

Attachment Image

Attachment Image
Score: 20 Votes (Like | Disagree)
KaliYoni Avatar
42 months ago
This is terrible on Apple's part because even Mac users who stay within the last two releases of macOS are, often unknowingly as Intego's research revealed, put at risk. Worse, the lack of any written support timeline makes it impossible to have any kind of rational upgrade plan.

----------
A good discussion about how macOS inconsistencies and opaque updates are hurting users, for anybody interested:

"As far as macOS goes, everyone will tell you that Apple supports the current version for about a year before it’s replaced by a new major release, then provides two years of security updates for it. The strange thing about that is Apple doesn’t seem to have committed that to writing, and I’ve searched long and hard for its official policy on many occasions. This article sets out what Apple has actually done over the last few years, from OS X Mavericks onwards."
https://eclecticlight.co/2021/09/22/how-long-does-apple-support-macos/
Score: 17 Votes (Like | Disagree)
ouimetnick Avatar
42 months ago
Wish they still actively supported macOS Mojave.. Folks still use that OS for certain things (32 bit apps, dashboard, iTunes, etc)
Score: 17 Votes (Like | Disagree)
Bokito Avatar
42 months ago
Apple is more and more pushing users to use the latest OS. That they removed the option to hide the nagging notification of new OS versions with a security update was just the start. Just providing a single patch for iOS 14 after the iOS 15 launch after promising 'it would continue to receive update' was a big FU to users.

I'm using a lot of apps that are too complex to be fully compatible with a new OS on day one, so I'm still running Big Sur. I'm not sure why Apple isn't updating Big Sur and Catalina. They really should communicate about it, but Apple's communication is lacking lately. I don't see why they can't backport the fixes with minimal effort certainly if they're actively exploited.
Score: 15 Votes (Like | Disagree)
sw1tcher Avatar
42 months ago

Every company has limited engineering resources and Apple is no different.

Ideally, everything is updated at the same time with no bugs. Realistically, Apple needs to focus on the latest OS and most recent devices.
Apple, a nearly $3 trillion company, with limited engineering resources? ?

How is it that a smaller company like Microsoft can offer a much longer support window than Apple? Take a look at Windows 10. It came out on Jul 29, 2015 and Microsoft will be supporting it until Oct 14, 2025 ('https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro')

5 years of mainstream support from the release date and 10 years of extended support is pretty darn impressive.
Score: 8 Votes (Like | Disagree)
visualseed Avatar
42 months ago
I have a 2012 Mac Mini that is on the beta track for Catalina and just got notified of an update

"macOS Catalina Security Update Developer Beta 2022-004 10.15.7"

So I suspect it's in the pipe for a GM release.
Score: 7 Votes (Like | Disagree)