Apple Clears OS Vulnerabilities

Thursday, July 20, 2017 @ 05:07 PM gHale


Apple released security updates for multiple operating systems.

The updates are for iOS, macOS – which includes Sierra, El Capitan and Yosemite – Safari, iCloud, iTunes, watchOS and tvOS.

RELATED STORIES
Apple Cleanse: App Store Clean Out
Apple Releases Security Updates
OSX Malware Pilfers Data
Apple Releases Emergency Patch

Apple fixed 37 vulnerabilities with the release of macOS Sierra 10.12.6 (and Security Update 2017-003 El Capitan and Security Update 2017-003 Yosemite). Most of the issues could result in arbitrary code execution. Components that could suffer from the issues include audio, Bluetooth, contacts, Intel graphics driver, kernel, libarchive, and libxml2, Apple said in a release.

The update iOS 10.3.3 cleared 47 vulnerabilities, most of which dealt with arbitrary code execution. WebKit was the most affected component, with over 20 holes found and filled.

Apple released a patch for a critical flaw in some Broadcom Wi-Fi chipsets, which could end up leveraged to execute arbitrary code on the Wi-Fi chip included in vulnerable macOS, iOS, watchOS and tvOS devices.

The vulnerability labeled Broadpwn ended up discovered by Nitay Artenstein of Exodus Intelligence.

The exploit does not require user interaction to work, but the attacker must be within range of the target device.



Leave a Reply

You must be logged in to post a comment.