March 25, 2024 at 01:54PM Apple has released an update for macOS Sonoma to address out-of-bounds write issues in CoreMedia and WebRTC. The issues were resolved with improved input validation to prevent arbitrary code execution when processing images. CVE-2024-1580 is the identifier for this vulnerability. The meeting notes indicate that there are two issues addressed … Read more
March 25, 2024 at 01:54PM Summary: Apple released a security update on March 21, 2024 (Apple Id: HT214093) addressing CVE-2024-1580. The update improves input validation to resolve an out-of-bounds write issue that could lead to arbitrary code execution when processing images in CoreMedia and WebRTC. Update available for: Apple Vision Pro. Based on the meeting … Read more
March 7, 2024 at 01:51PM Summary: CVE-2024-23276: Logic issue fixed in Admin Framework, allowing app privilege elevation. CVE-2024-23227: Improved redaction in Airport to prevent sensitive location access. CVE-2024-23269: Code-signing fix in AppleMobileFileIntegrity to prevent file system modification. Other CVEs address various memory, privacy, and access issues, now updated in macOS Monterey. Based on the meeting … Read more
March 7, 2024 at 01:51PM Summary: Numerous security vulnerabilities have been addressed in macOS Monterey, including logic issues, memory handling improvements, and input validation enhancements impacting various products such as Admin Framework, Airport, and Kernel. These updates aim to prevent privilege elevation, sensitive information exposure, and unauthorized access to the file system. From the meeting … Read more
October 25, 2023 at 02:36PM Summary: Apple has released a security update addressing multiple vulnerabilities in various products. The issues include privacy concerns, memory handling improvements, authentication and UI issues, and potential arbitrary code execution. Affected products include Contacts, CoreAnimation, Find My, ImageIO, IOTextEncryptionFamily, Kernel, Mail Drafts, mDNSResponder, Passkeys, Photos, Pro Res, Siri, Status Bar, … Read more
October 25, 2023 at 02:36PM There are multiple updates available for macOS Monterey addressing various security issues. These include improved memory handling, removal of vulnerable code, and improved handling of caches and symlinks. The updates address issues related to denial-of-service attacks, sensitive information access, arbitrary code execution, and privacy concerns. Affected products include CoreAnimation, FileProvider, … Read more