macOS Big Sur 11.6.3 Security Update Release Date: January 26, 2022 Vulnerabilities and Fixes Audio - CVE-2021-30960: Buffer overflow issue addressed with improved memory handling. Reported by JunDong Xie of Ant Security Light-Year Lab. iCloud - CVE-2022-22585: Path validation logic for symlinks issue addressed. Reported by Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab. IOMobileFramebuffer - CVE-2022-22587: Memory corruption issue addressed with improved input validation. Reported by an anonymous researcher, Meysam Firouzi (@R00tkitSMM), and Siddharth Aeri (@b1n4r1b01). Kernel - CVE-2022-22593: Buffer overflow issue addressed with improved memory handling. Reported by Peter Nguyễn Vũ Hoàng of STAR Labs. Model I/O - CVE-2022-22579: Information disclosure issue addressed with improved state management. Reported by Mickey Jin (@patch1t) of Trend Micro. PackageKit - CVE-2022-22583: Permissions issue addressed with improved validation. Reported by Ron Hass (@ronhass7) of Perception Point and Mickey Jin (@patch1t). TCC - CVE-2021-30972, CVE-2021-30972: Improved checks for certain Privacy preferences. Reported by Xuxiang Yang (@another1024), Zhipeng Huo (@R3dF09), Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab, Csaba Fitzl (@theevilbit) of Offensive Security, jhfsts (@patch1t), and Wojciech Reguła (@_r3ggi). Additional Recognition Kernel: Acknowledges Tao Huang for assistance. Metal: Acknowledges Tao Huang for assistance. PackageKit: Acknowledges Mickey Jin (@patch1t) of Trend Micro for assistance.