Apple Security Updates
Summary (MacOS, iOS, tvOS, watchOS)
| Component | CVE | MacOS/OS X | iOS | watchOS | tvOS |
|---|---|---|---|---|---|
| Kernel | CVE-2018-8897 | X | |||
| ATS | CVE-2018-4219 | X | |||
| WebKit | CVE-2018-4188 | X | X | X | |
| Siri Contacts | CVE-2018-4244 | X | |||
| Accessibility Framework | CVE-2018-4196 | X | |||
| Security | CVE-2018-4221 | X | X | ||
| Kernel | CVE-2018-4243 | X | X | X | X |
| WebKit | CVE-2018-4204 | X | X | X | |
| AMD | CVE-2018-4253 | X | |||
| UIKit | CVE-2018-4198 | X | X | X | X |
| WebKit | CVE-2018-4222 | X | X | X | X |
| WebKit | CVE-2018-4192 | X | X | X | X |
| Graphics Drivers | CVE-2018-4159 | X | |||
| WebKit | CVE-2018-4200 | X | X | ||
| IOHIDFamily | CVE-2018-4234 | X | |||
| Hypervisor | CVE-2018-4242 | X | |||
| Messages | CVE-2018-4235 | X | X | X | X |
| libxpc | CVE-2018-4237 | X | X | X | X |
| WebKit | CVE-2018-4232 | X | X | X | |
| Security | CVE-2018-4224 | X | X | X | X |
| Bluetooth | CVE-2018-4171 | X | |||
| Magnifier | CVE-2018-4239 | X | |||
| CVE-2018-4227 | X | X | |||
| iBooks | CVE-2018-4202 | X | X | ||
| Intel Graphics Driver | CVE-2018-4141 | X | |||
| WebKit | CVE-2018-4218 | X | X | X | X |
| Crash Reporter | CVE-2018-4206 | X | X | ||
| NVIDIA Graphics Drivers | CVE-2018-4230 | X | |||
| WebKit | CVE-2018-4233 | X | X | X | X |
| WebKit | CVE-2018-4190 | X | X | X | |
| IOGraphics | CVE-2018-4236 | X | |||
| Contacts | CVE-2018-4100 | X | |||
| Kernel | CVE-2018-4249 | X | X | X | X |
| Security | CVE-2018-4223 | X | X | X | X |
| IOFireWireAVC | CVE-2018-4228 | X | |||
| Firmware | CVE-2018-4251 | X | |||
| Safari | CVE-2018-4247 | X | X | ||
| Speech | CVE-2018-4184 | X | |||
| Windows Server | CVE-2018-4193 | X | |||
| Messages | CVE-2018-4250 | X | |||
| WebKit | CVE-2018-4199 | X | X | X | |
| Bluetooth | CVE-2018-4215 | X | |||
| apache_mod_php | CVE-2018-7584 | X | |||
| WebKit | CVE-2018-4201 | X | X | X | X |
| WebKit | CVE-2018-4246 | X | X | X | X |
| Security | CVE-2018-4226 | X | X | X | |
| Security | CVE-2018-4225 | X | X | X | |
| FontParser | CVE-2018-4211 | X | X | X | X |
| Siri | CVE-2018-4252 | X | |||
| Kernel | CVE-2018-4241 | X | X | X | X |
| Messages | CVE-2018-4240 | X | X | X | X |
| Siri | CVE-2018-4238 | X | |||
| Grand Central Dispatch | CVE-2018-4229 | X | |||
| WebKit | CVE-2018-4214 | X | X | X | X |
MacOS / OS X
| Componeent | 10.13 (High Sierra | 10.12 (Sierra | 10.11 (El Capitan) | Impact | Details | CVE |
|---|---|---|---|---|---|---|
| Accessibility Framework | x | A malicious application may be able to execute arbitrary code with system privileges | An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management. | CVE-2018-4196 | ||
| AMD | x | A local user may be able to read kernel memory | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. | CVE-2018-4253 | ||
| apache_mod_php | x | Issues in php were addressed in this update | This issue was addressed by updating to php version 7.1.16. | CVE-2018-7584 | ||
| ATS | x | A malicious application may be able to elevate privileges | A type confusion issue was addressed with improved memory handling. | CVE-2018-4219 | ||
| Bluetooth | x | x | A malicious application may be able to determine kernel memory layout. | An information disclosure issue existed in device properties. This issue was addressed with improved object management. | CVE-2018-4171 | |
| Firmware | x | A malicious application with root privileges may be able to modify the EFI flash memory region | A device configuration issue was addressed with an updated configuration. | CVE-2018-4251 | ||
| FontParser | x | x | x | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 |
| Grand Central Dispatch | x | A sandboxed process may be able to circumvent sandbox restrictions | An issue existed in parsing entitlement plists. This issue was addressed with improved input validation. | CVE-2018-4229 | ||
| Graphics Drivers | x | x | x | An application may be able to read restricted memory | A validation issue was addressed with improved input sanitization. | CVE-2018-4159 |
| Hypervisor | x | An application may be able to execute arbitrary code with kernel privileges | A memory corruption vulnerability was addressed with improved locking. | CVE-2018-4242 | ||
| iBooks | x | An attacker in a privileged network position may be able to spoof password prompts in iBooks | An input validation issue was addressed with improved input validation. | CVE-2018-4202 | ||
| Intel Graphics Driver | x | An application may be able to read restricted memory | A validation issue was addressed with improved input sanitization. | CVE-2018-4141 | ||
| IOFireWireAVC | x | An application may be able to execute arbitrary code with kernel privileges | A race condition was addressed with improved locking. | CVE-2018-4228 | ||
| IOGraphics | x | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4236 | ||
| IOHIDFamily | x | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4234 | ||
| Kernel | x | x | x | An attacker in a privileged position may be able to perform a denial of service attack | A denial of service issue was addressed with improved validation. | CVE-2018-4249 |
| Kernel | x | x | A malicious application may be able to execute arbitrary code with kernel privileges | In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. | CVE-2018-8897 | |
| Kernel | x | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241,CVE-2018-4243 | ||
| libxpc | x | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 | ||
| x | An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. | CVE-2018-4227 | ||||
| Messages | x | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 | ||
| Messages | x | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240 | ||
| NVIDIA Graphics Drivers | x | An application may be able to execute arbitrary code with kernel privileges | A race condition was addressed with improved locking. | CVE-2018-4230 | ||
| Security | x | Users may be tracked by malicious websites using client certificates | An issue existed in the handling of S-MIME certificaties. This issue was addressed with improved validation of S-MIME certificates. | CVE-2018-4221 | ||
| Security | x | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 | ||
| Security | x | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 | ||
| Security | x | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 | ||
| Security | x | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 | ||
| Speech | x | A sandboxed process may be able to circumvent sandbox restrictions | A sandbox issue existed in the handling of microphone access. This issue was addressed with improved handling of microphone access. | CVE-2018-4184 | ||
| UIKit | x | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 | ||
| Windows Server | x | An application may be able to execute arbitrary code with system privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4193 |
iOS
| Componeent | Impact | Details | CVE |
|---|---|---|---|
| Bluetooth | A malicious application may be able to elevate privileges | A buffer overflow was addressed with improved size validation. | CVE-2018-4215 |
| Contacts | Processing a maliciously crafted vcf file may lead to a denial of service | A validation issue existed in the handling of phone numbers. This issue was addressed with improved validation of phone numbers. | CVE-2018-4100 |
| FontParser | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 |
| iBooks | An attacker in a privileged network position may be able to spoof password prompts in iBooks | An input validation issue was addressed with improved input validation. | CVE-2018-4202 |
| Kernel | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241,CVE-2018-4243 |
| Kernel | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4249 |
| libxpc | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 |
| Magnifier | A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen | A permissions issue existed in Magnifier. This was addressed with additional permission checks. | CVE-2018-4239 |
| E-Fail Vulnerability | An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. | CVE-2018-4227 | |
| Messages | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 |
| Messages | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240,CVE-2018-4250 |
| Safari | A malicious website may be able to cause a denial of service | A denial of service issue was addressed with improved validation. | CVE-2018-4247 |
| Security | Users may be tracked by malicious websites using client certificates | An issue existed in the handling of S-MIME certificaties. This issue was addressed with improved validation of S-MIME certificates. | CVE-2018-4221 |
| Security | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 |
| Security | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 |
| Security | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 |
| Security | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 |
| Siri | A person with physical access to an iOS device may be able to enable Siri from the lock screen | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4238 |
| Siri | A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4252 |
| Siri Contacts | An attacker with physical access to a device may be able to see private contact information | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4244 |
| UIKit | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 |
| WebKit | Visiting a malicious website may lead to address bar spoofing | An inconsistent user interface issue was addressed with improved state management. | CVE-2018-4188 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | Multiple memory corruption issues were addressed with improved memory handling. | CVE-2018-4201,CVE-2018-4218,CVE-2018-4233 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A buffer overflow issue was addressed with improved memory handling. | CVE-2018-4199 |
| WebKit | Visiting a maliciously crafted website may lead to cookies being overwritten | A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. | CVE-2018-4232 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A race condition was addressed with improved locking. | CVE-2018-4192 |
| WebKit | Processing maliciously crafted web content may lead to an unexpected Safari crash | A memory corruption issue was addressed with improved input validation. | CVE-2018-4214 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4204 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A type confusion issue was addressed with improved memory handling. | CVE-2018-4246 |
| WebKit | Visiting a maliciously crafted website may leak sensitive data | Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. | CVE-2018-4190 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | An out-of-bounds read was addressed with improved input validation. | CVE-2018-4222 |
Apple Watch
| Componeent | Model | Impact | Details | CVE | |
|---|---|---|---|---|---|
| Crash Reporter | All Apple Watch models | An application may be able to gain elevated privileges | A memory corruption issue was addressed with improved error handling. | CVE-2018-4206 | |
| FontParser | All Apple Watch models | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 | |
| Kernel | All Apple Watch models | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241,CVE-2018-4243 | |
| Kernel | All Apple Watch models | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4249 | |
| libxpc | All Apple Watch models | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 | |
| Messages | All Apple Watch models | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 | |
| Messages | All Apple Watch models | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240 | |
| Security | All Apple Watch models | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 | |
| Security | All Apple Watch models | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 | |
| Security | All Apple Watch models | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 | |
| Security | All Apple Watch models | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 | |
| UIKit | All Apple Watch models | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 | |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | A race condition was addressed with improved locking. | CVE-2018-4192 | |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to an unexpected Safari crash | A memory corruption issue was addressed with improved input validation. | CVE-2018-4214 | |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | A type confusion issue was addressed with improved memory handling. | CVE-2018-4246 | |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | Multiple memory corruption issues were addressed with improved memory handling. | CVE-2018-4201,CVE-2018-4218,CVE-2018-4233 | |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | An out-of-bounds read was addressed with improved input validation. | CVE-2018-4222 |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute
Twitter|
Keywords:
0 comment(s)
My next class:
| Network Monitoring and Threat Detection In-Depth | Singapore | Nov 18th - Nov 23rd 2024 |
×
![modal content]()
Diary Archives
Comments