Apple Patches Everything

And to not be outdone by Microsoft and Adobe, Apple just released patches for:

iOS 9.2

    A total of 50 vulnerabilities (CVE IDs) are addressed. About 10 of them affect WebKit and may lead to arbitrary code execution by visiting a malicious website. There are a large number of additional remote code execution vulnerabilities in various iOS components that are patched.

watchOS 2.1

   A lot of overlap with patches released for iOS, but no WebKit issues as watchOS does not include a browser.

XCode 7.2

   Updates to git, otools and IDE SCM. The git update fixes a number of vulnerablities that have been known (and fixed) in the open source software for a while.

  OS X 10.11.2 (and Security Update 2015-008 for Mavericks and Yosemite)

  updates to various open sources packages (libressl, OpenSSH, libxml2 and others). Also improvements to some hardware drivers (e.g. thunderbolt)

Safari 9.0.2

   fixes webkit issues for Yosemite, Mavericks and Ell Capitan


   This affects the just released 4th generation Apple TV and addresses similar vulnerabilities as the new version of iOS.

Details can be found as usual here:

Johannes B. Ullrich, Ph.D.

I will be teaching next: Intrusion Detection In-Depth - SANS Cyber Safari 2022


4592 Posts
ISC Handler
Dec 8th 2015
Can anybody confirm this fixes the bug where notifications sometimes just stop when the screen is locked? Had this happen to myself twice, and a user once.
This update apparently has an issue with MDMs and managed apps. Devices currently enrolled will be unable to download managed apps unless the device is re-enrolled.

Apps already installed will work without issue.

It sounds like the fix will need to come from the MDM side, not Apple.

Sign Up for Free or Log In to start participating in the conversation!