Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Newest Apple releases squash bugs in iOS, macOS, Safari, various apps

Apple addressed a bevy of security bugs late last week, after issuing updated versions of its current operating systems, Safari browser and several core apps, as well as security enhancements for two older OS offerings.

The company's March 29 release of iOS 11.3 fixed a total of 44 bugs, including a memory corruption flaw that could cause an application to execute arbitrary code with kernel privileges. The vulnerabilities were found in the following components: Clock, CoreFoundation (2), CoreText, File System Events, Files Widget, Find My iPhone, iCloud Drive, Kernel (3), Mail, NSURLSession, PluginKit, Quick Look, Safari, Safari Login AutoFill, SafariViewController, Security, Storage, System Preferences, Telephony (2), Web App, WebKit (19) and WindowServer.

For Mac users, Apple debuted macOS High Sierra version 10.13.4, while also issuing security updates for Sierra and El Capitan. These actions remedied problems found in the following components: Admin Framework, APFS, ATS, CFNetwork Session, CoreFoundation, CoreText, Core Types, curl, Disk Images, Disk Management, File System Events, iCloud Drive, Intel Graphics Driver, IOFireWireFamily, Kernel, kext tools, LaunchServices, Mail, Notes, NSURLSession, NVIDIA Graphics Drivers, PDFKit, PluginKit, Quick Look, Security, Storage, System Preferences, Terminal and WindowServer.

Apple also released iCloud for Windows 7.4, which includes 20 repairs; iTunes 12.7.4 for Windows, which addresses 20 issues; Safari 11.1, which features 23 fixes; tvOS 11.3, which patches 28 vulnerabilities; watchOS 4.3, which contains 22 fixes; and Xcode 9.3, which remedies one bug.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.