Apple Updates Everything (again) ... and fixes a "911 DoS bug" in iOS
Apple today released yet again one of its well known "surprise patch days" that update everything.
Apple iWork: This is Apple's Office suite. I do not remember seeing a lot of updates for it so far, and this release fixes a single flaw. Until now, Apple used RC4 to encrypt password protected iWork documents. RC4 is of course no longer adequate, and going forward iWork will use AES 128.
Safari: The Safari update addresses a number of WebKit issues and various other typical browser flaws. Some of the vulnerabilities can lead to arbitrary code execution. Based on the "Credits" given to researchers, it appears that some of the flaws came from the pwn2own contest.
macOS Sierra / OS X El Capitan and Yosemite: This update fixes vulnerabilities for open source software included in Apple's operating system (libressl, php, tcpdump , OpenSSH, OpenSSL and others). In particular, the tcpdump issues are interesting as they are quite old by now. This update also fixes (yet again) and EFI issue that would allow an attacker to retrieve the FielVaul 2 encryption password if the attacker can connect to the Thunderbolt port during boot.
iOS: Lots of overlap with the OS X and Safari updates due to the shared code base. An interesting iOS specific vulnerability that is addressed here allows attackers to use third party apps to make phone calls without user permission. Problems like this have been abused by pranksters to trick users into dialing 911 which in some cases lead to DoS attacks against 911 call centers.
watchOS/tvOS: A lot of overlap here with the other updates, so nothing special to mention. Still: Patch!
There has been a lot of interest in exploiting Apple products. I highly recommend updating expeditiously. So far I haven't heard of any issues with these updates (if you know of any: please leave a comment below)
[1] https://support.apple.com/en-us/HT201222
---
Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute
STI|Twitter|LinkedIn
Happy New Year 2011!!!
Last Updated: 2011-01-01 04:39:36 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
We wish all our readers and their families a wonderful and amazing 2011. Thanks for your support, contributions and for being part of this infosec community.
-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org
Comments
Anonymous
Dec 3rd 2022
9 months ago
Anonymous
Dec 3rd 2022
9 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
Anonymous
Dec 26th 2022
9 months ago
Anonymous
Dec 26th 2022
9 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
9 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
9 months ago
Anonymous
Dec 26th 2022
9 months ago
https://defineprogramming.com/
Dec 26th 2022
9 months ago
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/
https://defineprogramming.com/
Dec 26th 2022
9 months ago
rthrth
Jan 2nd 2023
8 months ago