My next class:

Apple Patches "Trident" Vulnerabilities in OS X / Safari

Published: 2016-09-02. Last Updated: 2016-09-02 11:33:23 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

About a week ago, Apple patched three vulnerabilities in iOS that had been used in a targeted exploit. This set of vulnerabilities, also known as "Trident," affected WebKit and the iOS kernel. Given the substantial code overlap between iOS and OS X, and in particular the fact that one of the vulnerabilities affected WebKit, it is no surprise that OS X and Safari are vulnerable as well.

Yesterday, Apple released a patch of OS X and Safari to address these issues.

The OS X update, which is only available for El Capitan and Yosemite, fixes the two kernel vulnerabilities. The Safari update which is available for OS X Mavericks and Yosemite (not the latest version, El Capitan), fixes the WebKit vulnerability.

I recommend patching these quickly given that the same vulnerabilities have already been exploited for iOS.

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

1 comment(s)
My next class:

Comments

I would love to see tools released for OSX and iOS to scan for indicators of compromise; are we closing the stable door after the trojan horse has been wheeled through it?

I guess Apple would need be challenged to create the scanner for iOS as they're the ones with the permissions to do so on non-jailbroken devices. As we would like to think they are..

dotBATman

Diary Archives