#AppleVisionPro

About the security content of visionOS 2.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Apple Vision Pro’s visionOS 2.2 has multiple vulnerabilities addressed through updates, including permissions issues, memory handling improvements, and enhanced network security. Notable CVEs include CVE-2024-54513, CVE-2024-54486, and CVE-2024-45490, which could lead to data exposure, unexpected app termination, or memory corruption. Update available on December 11, 2024. ### Meeting Takeaways: **Release … Read more

About the security content of visionOS 2.1.1 – Apple Support

November 19, 2024 by Xynik

November 19, 2024 at 02:43PM Apple has addressed two security vulnerabilities in visionOS 2.1.1 for the Apple Vision Pro, with release set for November 19, 2024. CVE-2024-44308 involves potential arbitrary code execution from malicious web content, while CVE-2024-44309 addresses cookie management issues that could lead to cross-site scripting attacks. ### Meeting Notes Takeaways 1. **Upcoming … Read more

About the security content of visionOS 2.1 – Apple Support

October 28, 2024 by Xynik

October 28, 2024 at 12:06PM Apple has released updates for visionOS 2.1 on Apple Vision Pro addressing various security vulnerabilities. These include improved handling of symlinks, memory management, and path handling issues that could lead to unauthorized access, information disclosure, or system crashes. The update is available as of October 28, 2024. ### Meeting Takeaways … Read more

About the security content of visionOS 1.2 – Apple Support

October 15, 2024 by Xynik

October 15, 2024 at 02:09PM Apple has released updates for visionOS 1.2 to address multiple vulnerabilities (CVE-2024-27800 to CVE-2024-27884). Issues include arbitrary code execution, privilege escalation, and app termination due to improved input validation and memory handling. Updates are available for Apple Vision Pro, released on June 10, 2024. ### Meeting Takeaways #### Overview The … Read more

About the security content of visionOS 1.3 – Apple Support

October 15, 2024 by Xynik

October 15, 2024 at 01:45PM Apple’s visionOS 1.3 update, available for Apple Vision Pro on July 29, 2024, addresses multiple security vulnerabilities (CVE-2024-27826, CVE-2024-40799, etc.) involving improved memory handling, bounds checking, and locking methods. These issues could lead to unexpected system shutdowns, app terminations, or cross-site scripting attacks. ### Meeting Takeaways **Release Date:** July 29, … Read more

About the security content of visionOS 2 – Apple Support

October 13, 2024 by Xynik

October 13, 2024 at 02:30PM Multiple vulnerabilities affecting visionOS 2 on Apple Vision Pro have been addressed in a September 2024 update. Issues include improved checks for root access, race conditions, out-of-bounds reads, cross-origin data exfiltration, denial-of-service risks, and unauthorized Bluetooth access. Users are encouraged to update to enhance security. **Meeting Takeaways: Security Updates for … Read more

About the security content of visionOS 1.1.1 – Apple Support

March 25, 2024 by Xynik

March 25, 2024 at 01:54PM Summary: Apple released a security update on March 21, 2024 (Apple Id: HT214093) addressing CVE-2024-1580. The update improves input validation to resolve an out-of-bounds write issue that could lead to arbitrary code execution when processing images in CoreMedia and WebRTC. Update available for: Apple Vision Pro. Based on the meeting … Read more

About the security content of visionOS 1.1 – Apple Support

March 7, 2024 by Xynik

March 7, 2024 at 01:51PM Summary: Apple has released updates for multiple CVEs affecting various products such as Accessibility, ImageIO, Kernel, Metal, Persona, RTKit, Safari, UIKit, and WebKit in the Apple Vision Pro. The updates include fixes for issues related to memory handling, input validation, and permissions to address potential security vulnerabilities and impacts on … Read more

About the security content of visionOS 1.0.2 – Apple Support

January 31, 2024 by Xynik

January 31, 2024 at 01:34PM Summary: Apple released an update on January 31, 2024, addressing CVE-2024-23222, a type confusion issue in WebKit. The update includes improved checks to prevent arbitrary code execution from malicious web content. Apple is investigating reports of potential exploitation and has made the update available for Apple Vision Pro. Based on … Read more