Alongside Microsoft and Adobe, Apple have also released security patches for various products. Specifically, Apple rolled out iOS 12.3, tvOS 12.3, and other major updates addressing many vulnerabilities.
Apple Rolls Out iOS 12.3 And Other OS Updates
The tech giant Apple also steps into the trail of security patches from vendors as it updates multiple products together. This month, Apple rolls out iOS 12.3 containing fixes for numerous flaws.
As elaborated in Apple’s advisory, the iOS 12.3 security fixes are available for iPhone 5s and later, iPod touch 6th gen, and iPad Air and later. Some of the notable fixes include patches for four different SQLite vulnerabilities discovered by Omer Gull from Check Point Research (CVE-2019-8577, CVE-2019-8598, CVE-2019-8600, and CVE-2019-8602), and three different vulnerabilities in Kernel (CVE-2019-8576, CVE-2019-8591, and CVE-2019-8605).
Some other patches include fixes for use after free vulnerability in Mail Message Framework (CVE-2019-8613) that could allow a remote attacker to execute arbitrary codes and numerous vulnerabilities in WebKit. One such WebKit flaw could disclose process memory in response to maliciously crafted web content (CVE-2019-8607). Whereas, 20 other WebKit flaws could allow arbitrary code execution when triggered by maliciously modified web content.
Security Updates For MacOS
Among the 173 security patches released this Tuesday, a major chunk addressed security flaws affecting MacOS. These updates are available for macOS Mojave 10.14.4, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6.
Some of the notable fixes include an AMD memory corruption issue allowing arbitrary code execution (CVE-2019-8635), multiple Kernel vulnerabilities (CVE-2019-8525, CVE-2019-8547, CVE-2019-8576, CVE-2019-8591, and CVE-2019-8605), the SQLite flaws (discussed above for iOS), and WebKit vulnerabilities.
Besides, Apple also released Microcode addressing Intel’s ZombieLoad flaws. Besides, they have also shared a detailed list of unsupported Mac systems for these updates, due to ‘lack of microcode’ from Intel.
Take your time to comment on this article.
Latest posts by Abeerah Hashim (see all)
- Online Education Platform Thinkful Resets Passwords Following Security Breach - September 23, 2019
- Critical Privilege Escalation Vulnerability Existed In Harbor Registry - September 23, 2019
- Misconfiguring Google Calendar Reveals Calendar Events Publicly - September 23, 2019