Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Apple releases security updates for multiple products

Apple released security updates to patch vulnerabilities in its iOS, mac OS, tvOS and watchOS platforms, some of which could have been used to remotely exploit the affected devices.

The iOS 11.2 update addressed multiple memory corruption issues that could result in an application being able to execute arbitrary code with system privileges, through improved state management, according to the advisory.

Apple also released  macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan to address multiple issues that could allow the processing a maliciously crafted Apache configuration directive to result in the disclosure of process memory.

The tvOS and watch OS updates a memory corruption issue that could allow an application to execute arbitrary code with kernel privileges. These vulnerabilities were patched with improved memory handling. 

Related

DevSecOps
Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.