Apple on Monday released a new set of security updates to address more than 100 vulnerabilities in its products, including five that were disclosed at Pwn2Own in March 2017.
Four of the 37 bugs resolved in macOS Sierra 10.12.5 were disclosed at Pwn2Own: a Use-After-Free Privilege Escalation in IOGraphics (CVE-2017-2545), a Stack-based Buffer Overflow Privilege Escalation in WindowServer (CVE-2017-2541), an Information Disclosure in WindowServer (CVE-2017-2540), and an Unsigned Dylib Loading Privilege Escalation in Speech Framework (CVE-2017-6977).
The platform release also resolved issues in 802.1X, Accessibility Framework, CoreAnimation, CoreAudio, HFS, iBooks, Intel Graphics Driver, IOSurface, Kernel, Multi-Touch, NVIDIA Graphics Drivers, Sandbox, SQLite, and TextInput.
Exploitation of these bugs could lead to the capturing of user network credentials, arbitrary code execution, privilege escalation, sandbox escape, reading of restricted memory, the opening of arbitrary websites without user permission.
The newly released iOS 10.3.2 patches 41 bugs affecting AVEVideoEncoder, CoreAudio, iBooks, IOSurface, Kernel, Notifications, Safari, Security, SQLite, TextInput, and WebKit. The flaws could result in privilege escalation, arbitrary code execution, denial of service, reading of restricted memory, the execution of unsigned code, and universal cross site scripting.
A total of 26 vulnerabilities were resolved with the release of Safari 10.1.1. Two issues were addressed in Safari and could result in application denial of service or address bar spoofing, while the remaining 24 were patched in WebKit and could lead to arbitrary code execution, universal cross site scripting, or execution of unsigned code.
One of these was CVE-2017-2544, an Array concat Integer Overflow Remote Code Execution disclosed at Pawn2Own by 360 Security (@mj0011sec) working with Trend Micro’s Zero Day Initiative.
Apple fixed 12 bugs with the release of watchOS 3.2.2, affecting AVEVideoEncoder, CoreAudio, IOSurface, Kernel, SQLite, TextInput, and WebKit. Most could lead to arbitrary code execution, but some allow for privilege escalation or the reading of restricted memory.
Of the 23 flaws tvOS 10.2.1 resolves, 12 were found in WebKit and impacted Safari and iOS as well. The remaining issues affected AVEVideoEncoder, CoreAudio, IOSurface, Kernel, SQLite, and TextInput.