Apple Rolls-Out iOS 12.3 Which Introduces A Number of Security Fixes

Alongside Microsoft and Adobe, Apple have also released security patches for various products. Specifically, Apple rolled out iOS 12.3, tvOS 12.3, and other major updates addressing many vulnerabilities.

Apple Rolls Out iOS 12.3 And Other OS Updates

The tech giant Apple also steps into the trail of security patches from vendors as it updates multiple products together. This month, Apple rolls out iOS 12.3 containing fixes for numerous flaws.

As elaborated in Apple’s advisory, the iOS 12.3 security fixes are available for iPhone 5s and later, iPod touch 6th gen, and iPad Air and later. Some of the notable fixes include patches for four different SQLite vulnerabilities discovered by Omer Gull from Check Point Research (CVE-2019-8577, CVE-2019-8598, CVE-2019-8600, and CVE-2019-8602), and three different vulnerabilities in Kernel (CVE-2019-8576, CVE-2019-8591, and CVE-2019-8605).

Some other patches include fixes for use after free vulnerability in Mail Message Framework (CVE-2019-8613) that could allow a remote attacker to execute arbitrary codes and numerous vulnerabilities in WebKit. One such WebKit flaw could disclose process memory in response to maliciously crafted web content (CVE-2019-8607). Whereas, 20 other WebKit flaws could allow arbitrary code execution when triggered by maliciously modified web content.

In addition, Apple also released watchOS 5.2.1, tvOS 12.3, and Apple Safari 12.1.1 that fixes various security flaws.

Security Updates For MacOS

Among the 173 security patches released this Tuesday, a major chunk addressed security flaws affecting MacOS. These updates are available for macOS Mojave 10.14.4, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6.

Some of the notable fixes include an AMD memory corruption issue allowing arbitrary code execution (CVE-2019-8635), multiple Kernel vulnerabilities (CVE-2019-8525, CVE-2019-8547, CVE-2019-8576, CVE-2019-8591, and CVE-2019-8605), the SQLite flaws (discussed above for iOS), and WebKit vulnerabilities.

Besides, Apple also released Microcode addressing Intel’s ZombieLoad flaws. Besides, they have also shared a detailed list of unsupported Mac systems for these updates, due to ‘lack of microcode’ from Intel.

Take your time to comment on this article.

 

Related posts

Apple Addressed Two Zero-Day Flaws In Intel-based Macs

Really Simple Security Plugin Flaw Risks 4+ Million WordPress Websites

Glove Stealer Emerges A New Malware Threat For Browsers