March 7, 2024 at 01:51PM Summary: CVE-2024-23276: Logic issue fixed in Admin Framework, allowing app privilege elevation. CVE-2024-23227: Improved redaction in Airport to prevent sensitive location access. CVE-2024-23269: Code-signing fix in AppleMobileFileIntegrity to prevent file system modification. Other CVEs address various memory, privacy, and access issues, now updated in macOS Monterey. Based on the meeting … Read more
March 7, 2024 at 01:51PM Summary: Numerous security vulnerabilities have been addressed in macOS Monterey, including logic issues, memory handling improvements, and input validation enhancements impacting various products such as Admin Framework, Airport, and Kernel. These updates aim to prevent privilege elevation, sensitive information exposure, and unauthorized access to the file system. From the meeting … Read more
January 22, 2024 at 01:42PM Summary: Release date 2024-01-22. Multiple CVEs with security issues addressed, including memory handling improvements, cryptography enhancements, privacy and access issues. Affected products include Apple Neural Engine, CoreCrypto, Kernel, Mail Search, NSSpellChecker, Safari, Shortcuts, TCC, Time Zone, and WebKit. Update available for Apple Watch Series 4 and later. From the meeting … Read more