Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Apple Patches Hundreds of Vulnerabilities Across Product Lines

Apple Patches Desktop, Mobile, Wearable Platforms to Fix More than 200 Security Vulnerabilities

Apple Patches Desktop, Mobile, Wearable Platforms to Fix More than 200 Security Vulnerabilities

Apple on Monday released security patches for its macOS and macOS Server, iOS, watchOS, tvOS, Safari, and Pages, to address over 200 vulnerabilities.

No less than 127 vulnerabilities were addressed with the release of macOS Sierra 10.12.4 (and Security Update 2017-001 El Capitan and Security Update 2017-001 Yosemite). These affected components such as apache, Audio, Bluetooth, FontParser, ImageIO, IOFireWireAVC, Kernel, OpenSSH, OpenSSL, QuickTime, Security, tcpdump, tiffutil, and WebKit.

tcpdump was affected the most, as the tech giant resolved 41 vulnerabilities in this component alone. By leveraging these flaws, an attacker in a privileged network position could be able to execute arbitrary code with user assistance, Apple notes in its advisory. The company also resolved 11 bugs in Kernel and 8 flaws in tiffutil.

Some of the flaws resolved in macOS Sierra 10.12.4 include memory corruption, inconsistent user interface issues, out-of-bound read, access and validation issues, buffer overflow, uncontrolled format string, timing side channel bug, profile uninstallation issue, use after free, and race condition. Many were addressed by improved input validation or improved memory handling.

Tracked as CVE-2017-2485 and discovered by Cisco Talos, a memory corruption issue was found in the parsing of certificates and was addressed through improved input validation. According to Apple, the issue could lead to arbitrary code execution when processing a maliciously crafted x509 certificate. Talos reveals that this use-after-free vulnerability (which affects iOS as well) manifests due to improper handling of X.509v3 certificate extensions fields.

“An application that passes a malicious certificate to the certificate validation agent could trigger this vulnerability. Possible scenarios where this could be exploited include users connecting to a website which serves a malicious certificate to the client, Mail.app connecting to a mail server that provides a malicious certificate, or opening a malicious certificate file to import into the keychain,” the researchers say.

The macOS Sierra 10.12.4 update also includes the security content of Safari 10.1, Apple says. In a separate advisory, the company explains that 38 bugs were squashed in the browser, 33 of which affect WebKit (three were found in WebKit JavaScript Bindings and WebKit Web Inspector). The security update addresses memory corruption, prototype access, keychain handling, information disclosure, and validation issues.

iOS 10.3 was released on Monday with fixes for 84 flaws affecting Accounts, Audio, CoreGraphics, CoreText, FontParser, ImageIO, Kernel, libarchive, Profiles, Safari, Security, and WebKit, among other components (many of the fixed issues were impacting macOS, Safari).

Some of the addressed flaws include a buffer overflow in the handling of font files, an infinite recursion, multiple memory corruption issues, out-of-bounds read bugs, or the sending of requests to iTunes sandbox web services in cleartext. Affecting how Safari handles JavaScript pop-ups, one of the flaws was abused by attackers to lock victims from using the browser and scare them into paying a ransom in the form of an iTunes Gift Card.

Also released on Monday, tvOS 10.2 addresses 56 bugs, while watchOS 3.2 resolves 34 of them. Additionally, Apple pushed out macOS Server 5.3 to resolve 3 vulnerabilities (in Profile Manager, Web Server, and Wiki Server), and Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac and Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS, to address one issue in Export.

Related: Apple, Google Say Users Protected Against CIA Exploits

Related: Apple Patches Code Execution Flaw in GarageBand

Related: Apple Patches Dozens of Vulnerabilities Across Product Lines

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.