This iOS 18 Feature Attempts to Make Your iPhone Not Worth Stealing

September 13, 2024 at 12:42PM Apple has introduced a new Activation Lock feature in iOS 18, extending it to iPhone parts to make stolen devices useless for thieves. This ties components like the battery, camera, display, etc., to the owner’s Apple ID, preventing unauthorized use and deterring theft. The feature also provides transparency in parts … Read more

About the security content of macOS Monterey 12.7.5 – Apple Support

May 13, 2024 at 01:45PM Summary: Apple released updates for macOS Monterey to address two security vulnerabilities (CVE-2024-23229 and CVE-2024-27789). The updates improved redaction of sensitive information in Find My, and addressed a logic issue in Foundation that could allow an app to access user-sensitive data. From the meeting notes, the following key takeaways can … Read more

About the security content of macOS Ventura 13.6.7 – Apple Support

May 13, 2024 at 01:45PM Summary: Apple released updates for macOS Ventura to address logic and memory corruption issues, impacting Foundation, Login Window, and RTKit. The vulnerabilities could lead to unauthorized data access and bypassing of kernel memory protections. The updates aim to improve checks, state management, and validation to mitigate potential risks. From the … Read more

About the security content of iTunes 12.13.2 for Windows – Apple Support

May 8, 2024 at 04:15PM Apple ID: HT214099, released on 2024-05-08, addressed CVE-2024-27793 with improved checks. Impact: Parsing a file may result in an unexpected app termination or arbitrary code execution. Affected product: CoreMedia. Update available for Windows 10 and later. Based on the meeting notes, the key takeaways are: – Apple ID: HT214099 – … Read more

About the security content of macOS Ventura 13.6.6 – Apple Support

March 25, 2024 at 01:54PM Summary: Apple released an update on March 25, 2024, addressing CVE-2024-1580, an out-of-bounds write issue impacting CoreMedia and WebRTC on macOS Ventura. The update improves input validation to mitigate the risk of arbitrary code execution when processing images. It appears that there are two security vulnerabilities, both tied to CVE-2024-1580. … Read more

About the security content of macOS Sonoma 14.4.1 – Apple Support

March 25, 2024 at 01:54PM Apple has released an update for macOS Sonoma to address out-of-bounds write issues in CoreMedia and WebRTC. The issues were resolved with improved input validation to prevent arbitrary code execution when processing images. CVE-2024-1580 is the identifier for this vulnerability. The meeting notes indicate that there are two issues addressed … Read more

About the security content of iOS 17.4.1 and iPadOS 17.4.1 – Apple Support

March 25, 2024 at 01:54PM Summary: Apple released an update addressing an out-of-bounds write issue (CVE-2024-1580) impacting CoreMedia and WebRTC. The update is available for multiple devices including iPhone XS, iPad Pro, iPad Air, and iPad mini. The issue, related to processing images, could lead to arbitrary code execution if not addressed. Based on the … Read more

About the security content of Xcode 15.3 – Apple Support

March 15, 2024 at 03:42PM Summary: Apple has released an update for Xcode due to a logic issue (CVE-2024-23298) that could allow an app to bypass Gatekeeper checks. The update, available for macOS Sonoma 14 and later, addresses improved state management to mitigate the issue. Release date: 2024-03-05. Apple ID: HT214092. After reviewing the meeting … Read more

About the security content of iTunes 12.13.1 for Windows – Apple Support

March 14, 2024 at 02:54PM Summary: Apple ID HT214091 released an update on December 14, 2023, addressing CVE-2023-42938, a logic issue with improved checks. The impact is that a local attacker may elevate their privileges. The affected product is the Mobile Device Service, with the update available for Windows 10 and later. Based on the … Read more

About the security content of GarageBand 10.4.11 – Apple Support

March 12, 2024 at 02:21PM Summary: Apple ID HT214090 addresses CVE-2024-23300, a use-after-free issue in GarageBand. The release on 2024-03-12 includes improved memory management to mitigate potential impact. Users of macOS Ventura and macOS Sonoma are advised to install the update to prevent unexpected app termination or arbitrary code execution when processing malicious files. Based … Read more