About the security content of macOS Sonoma 14.7.1 – Apple Support

About the security content of macOS Sonoma 14.7.1 - Apple Support

October 28, 2024 at 12:06PM

Apple has released security updates for macOS Sonoma 14.7.1, addressing numerous vulnerabilities including logic issues, sandbox circumvention, and information disclosure risks. Updates enhance validation, improve checks, and implement additional restrictions to safeguard against potential malware and unauthorized access to sensitive data. Users are encouraged to install the update promptly.

### Meeting Takeaways

**Apple ID:** 121570
**Release Date:** October 28, 2024
**Affected Product:** macOS Sonoma 14.7.1

#### Security Vulnerabilities Addressed:

1. **CVE-2024-44255, CVE-2024-44270**
– **Description:** Logic issue fixed with improved validation.
– **Impact:** Sandboxed processes may circumvent sandbox restrictions.

2. **CVE-2024-44280**
– **Description:** Addressed downgrade issue with code-signing restrictions.
– **Impact:** Apps may modify protected file system areas.

3. **CVE-2024-44260**
– **Description:** Vulnerable code removed.
– **Impact:** Malicious apps with root privileges may modify system files.

4. **CVE-2024-44273**
– **Description:** Improved handling of symlinks.
– **Impact:** Malicious apps may access private information.

5. **CVE-2024-44295**
– **Description:** Addressed with additional entitlement checks.
– **Impact:** Apps may modify protected file system areas.

6. **CVE-2024-44240, CVE-2024-44302**
– **Description:** Improved checks for processed malicious fonts.
– **Impact:** Potential disclosure of process memory.

7. **CVE-2024-44213**
– **Description:** Enhanced input validation in URL parsing.
– **Impact:** Privileged attackers may leak sensitive information.

8. **CVE-2024-40855**
– **Description:** Improved checks introduced.
– **Impact:** Sandboxed apps may access sensitive user data.

9. **CVE-2024-44289**
– **Description:** Improved private data redaction in logs.
– **Impact:** Apps may read sensitive location information.

10. **CVE-2024-44282**
– **Description:** Addressed out-of-bounds read with input validation.
– **Impact:** Potential user information disclosure.

11. **Multi-CVE issues (CVE-2024-44265, CVE-2024-44215, CVE-2024-44297, etc.)**
– **Description:** Improved checks implemented.
– **Impact:** Disclosures and modifications of protected files possible.

12. **CVE-2024-44197, CVE-2024-44239**
– **Description:** Improved private data redaction in logs.
– **Impact:** Apps may leak sensitive kernel state.

13. **CVE-2024-44175, CVE-2024-44122**
– **Description:** Enhanced validation of symlinks and logic checks.
– **Impact:** Access to sensitive user data possible.

14. **CVE-2024-44218, CVE-2024-44254**
– **Description:** Improved redaction for sensitive information.
– **Impact:** Applications may access user data.

15. **CVE-2024-44294, CVE-2024-44144**
– **Description:** Buffer overflow addressed with improved validation.
– **Impact:** Unexpected app termination from crafted files.

16. **CVE-2024-44283**
– **Description:** Improved bounds checking.
– **Impact:** Parsing malicious files may cause unexpected termination.

17. **CVE-2024-44264**
– **Description:** Enhanced symlink validation.
– **Impact:** Malicious apps may create symlinks to protected disk areas.

18. **CVE-2024-44257**
– **Description:** Improved redaction of sensitive info.
– **Impact:** Access to sensitive user data by apps possible.

#### Summary
The meeting highlighted multiple critical security vulnerabilities in macOS Sonoma 14.7.1, emphasizing the necessity of the upcoming updates to address these issues and enhance system security. A broad range of CVEs were discussed, each targeting various aspects of security integrity, private data protection, and system stability. Immediate action is advised to implement the update available on the release date.

Full Article