Patch/Configuration Management, Vulnerability Management

Apple patches 76 security issues with latest software releases

Apple got a small head start on Patch Tuesday pushing out updates for seven products on July 9, including, iTunes, Safari and iOS.

Leading the pack with the most CVEs was iOS 11.4.1 with 22, seven of which addressed issues in iPhone 5s and later, iPad Air and later, and iPod touch 6th generation where multiple memory corruption issues would allow maliciously crafted web content to execute arbitrary code execution.

Apple released fixes for 14 issues in iTunes 12.8 for Windows that if left unfixed could lead to arbitrary code execution, denial of service, having Safari crash or having Cookies may unexpectedly persist in Safari.

The update iCloud for Windows 7.6 contained 13 patches, the majority of which fixed multiple memory corruption issues which if exploited by a maliciously crafted web content could lead to arbitrary code execution.

Safari 11.1.2 covered 16 CVEs with seven fixing multiple memory corruption issues that if left unpatched could lead to arbitrary code execution.

There were 11 issues listed for macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan, including several memory corruption issues enabling an application to execute arbitrary code or gain elevated privileges and a type confusion issue allowing a malicious program to gain root privileges.

WatchOS 4.3.2 contained 14 patches covering cookie management, denial of service, memory corruption and out-of-bounds read issues

The security updates in tvOS 11.4.1 contained 18 CVEs that will stop unauthorized people from gaining elevated privileges, malicious applications from reading restricted memory, malicious crafted content forcing Safari to crash and maliciously crafted web content may lead to arbitrary code execution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.