Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Apple releases security updates for iOS, iTunes, more


Apple has released security updates for several of its products to address vulnerabilities that could allow an attacker to take control of an infected system.

The vulnerabilities affect  iCloud for Windows, Safari, iTunes, various macOS versions, tvOS and iOS, among other products, according to a Dec. 5 US-CERT advisory.

“NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates,” the advisory said.

The iOS updates include patches for a type confusion issue in Airport that could be exploited to elevate privileges, a lock screen issue in FaceTime that could allow a local attacker to view contacts from the lock screen, and several Kernel flaws that can lead to escalated privileges.

The update also addresses iTunes issues in Safari for Windows 7 and later which could lead to address bar spoofing as well as user interface spoofing.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.