#CVE2024 – Xynik

Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog

December 13, 2024 by Xynik

December 13, 2024 at 06:40AM Microsoft has patched two critical vulnerabilities: one in Windows Defender (CVE-2024-49071) related to information disclosure, and another in the Update Catalog (CVE-2024-49147) involving privilege escalation. These issues have been fully mitigated, requiring no action from users. Transparency remains a priority for Microsoft with CVE identifiers. **Meeting Takeaways: Microsoft Vulnerabilities Update** … Read more

About the security content of Safari 18.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 04:51PM A security update for Safari 18.2, releasing December 11, 2024, addresses multiple type confusion issues (CVE-2024-44246, CVE-2024-54479, CVE-2024-54502, CVE-2024-54508, CVE-2024-54505, CVE-2024-54534). These vulnerabilities could lead to memory corruption from malicious web content. Updates are available for macOS Ventura and Sonoma. ### Meeting Takeaways **Apple ID**: 121846 **Release Date**: December 11, … Read more

About the security content of iOS 18.2 and iPadOS 18.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Apple’s iOS 18.2 and iPadOS 18.2 address multiple security vulnerabilities with improved checks and memory handling. Notable risks include potential unauthorized access to private information, memory corruption, and sensitive data leaks. Updates are available for iPhone XS and later, various iPad models, enhancing overall system security. ### Meeting Notes Summary … Read more

About the security content of iPadOS 17.7.3 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Apple’s iPadOS 17.7.3 update, releasing on December 11, 2024, addresses multiple vulnerabilities (CVE-2024-44201, CVE-2024-54486, among others) affecting iPad Pro 12.9-inch (2nd gen), iPad Pro 10.5-inch, and iPad 6th gen. Issues include memory disclosure, kernel state leakage, denial of service, and unexpected crashes. ### Meeting Notes Summary **Apple ID**: 121838 **Release … Read more

About the security content of macOS Sequoia 15.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Multiple security vulnerabilities have been identified in macOS Sequoia 15.2. Issues range from unauthorized access to user data, memory handling problems, and permissions misconfigurations. Updates have been made to address these vulnerabilities, enhancing overall system security. The release date for the update is set for December 11, 2024. ### Meeting … Read more

About the security content of macOS Sonoma 14.7.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Multiple vulnerabilities were identified in macOS Sonoma 14.7.2, impacting user data access, kernel privileges, and sandbox security. Updates addressing various issues, including logic, path handling, memory management, and permissions, have been released to mitigate risks. Users are encouraged to install the latest security updates. ### Meeting Takeaways on macOS Sonoma … Read more

About the security content of macOS Ventura 13.7.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM On December 11, 2024, Apple is releasing updates for macOS Ventura 13.7.2, addressing various vulnerabilities (CVE-2024-54477, CVE-2024-54527, etc.) that could allow apps to access sensitive data or execute arbitrary code. Improved checks and validations were implemented for better security measures. ### Meeting Takeaways #### Release Details: – **Apple ID**: 121842 … Read more

About the security content of tvOS 18.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM On December 11, 2024, Apple will release updates for tvOS 18.2, addressing multiple security vulnerabilities. Issues include improved checks and memory handling to prevent unauthorized access to sensitive data and potential memory corruption. The updates apply to Apple TV HD and Apple TV 4K models. ### Meeting Notes Summary **Apple … Read more

About the security content of visionOS 2.2 – Apple Support

December 11, 2024 by Xynik

December 11, 2024 at 01:33PM Apple Vision Pro’s visionOS 2.2 has multiple vulnerabilities addressed through updates, including permissions issues, memory handling improvements, and enhanced network security. Notable CVEs include CVE-2024-54513, CVE-2024-54486, and CVE-2024-45490, which could lead to data exposure, unexpected app termination, or memory corruption. Update available on December 11, 2024. ### Meeting Takeaways: **Release … Read more

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

December 11, 2024 by Xynik

December 11, 2024 at 07:15AM Ivanti issued a security advisory for three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10-rated authentication bypass flaw. These vulnerabilities could allow attackers to gain unauthorized access and execute malicious commands. Users are urged to upgrade to version 5.0.3 to mitigate risks. ### Meeting Takeaways: **Ivanti … Read more