Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Apple updates...

Started by AplusWebMaster , Nov 03 2007 06:10 AM

  • Please log in to reply
240 replies to this topic

#211 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 01 September 2016 - 01:37 PM

FYI...

- https://support.appl.../en-us/HT201222

Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite
- https://support.appl.../en-us/HT207130
Sep 1, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6 ..."
- https://lists.apple....p/msg00001.html

Safari 9.1.3
- https://support.appl.../en-us/HT207131
Sep 1, 2016 - "Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6 ..."
- https://lists.apple....p/msg00000.html
___

- https://isc.sans.edu...l?storyid=21439
2016-09-02 - "... The OS X update, which is only available for El Capitan and Yosemite, fixes the two kernel vulnerabilities. The Safari update which is available for OS X Mavericks and Yosemite... fixes the WebKit vulnerability... recommend patching these quickly given that the same vulnerabilities have already been exploited for iOS."

___

- https://www.us-cert....ecurity-Updates
Sep 01, 2016
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 06 September 2016 - 03:39 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

#212 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 14 September 2016 - 04:07 AM

FYI...

- https://support.appl.../en-us/HT201222

iOS 10
- https://support.appl.../en-us/HT207143
Sep 13, 2016 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

iOS 10.0.1
- https://support.appl.../en-us/HT207145
Sep 13, 2016 - "... iOS 10.0.1 also includes the security content of iOS 10."

- http://www.securityt....com/id/1036797
CVE Reference: CVE-2016-4620, CVE-2016-4719, CVE-2016-4740, CVE-2016-4741, CVE-2016-4746, CVE-2016-4747, CVE-2016-4749
Sep 13 2016
Impact: Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes ...  
Impact: A remote user in a privileged network position can prevent software updates.
A remote user in a privileged network position can obtain mail credentials.
A local user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.0, 10.0.1)...
___

Xcode 8
- https://support.appl.../en-us/HT207140
Sep 13, 2016 - "Available for: OS X El Capitan v10.11.5 and later..."

watchOS 3
- https://support.appl.../en-us/HT207141
Sep 13, 2016 - "Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermès"
___

- https://www.us-cert....ecurity-Updates
Sep 13, 2016
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 14 September 2016 - 06:00 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#213 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 20 September 2016 - 02:10 PM

FYI...

- https://support.appl.../en-us/HT201222

Safari 10
- https://support.appl.../en-us/HT207157
Sep 20, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6..."
- https://lists.apple....p/msg00007.html

- http://www.securityt....com/id/1036854
CVE Reference: CVE-2016-4611, CVE-2016-4618, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4751, CVE-2016-4758, CVE-2016-4759, CVE-2016-4760, CVE-2016-4762, CVE-2016-4763, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769
Sep 21 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.0 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof the address bar.
A remote user can obtain potentially sensitive information.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (10.0)...
___

macOS Sierra 10.12
- https://support.appl.../en-us/HT207170
Sep 20, 2016 - "Available for: OS X El Capitan v10.11.6..."
- https://lists.apple....p/msg00006.html
___

macOS Server 5.2
- https://support.appl.../en-us/HT207171
Sep 20, 2016 - "Available for: macOS Sierra 10.12..."
- https://lists.apple....p/msg00009.html
___

iCloud for Windows 6.0
- https://support.appl.../en-us/HT207147
Sep 20, 2016 - "Available for: Windows 7 and later..."
- https://lists.apple....p/msg00013.html
___

iTunes 12.5.1 for Windows
- https://support.appl.../en-us/HT207158
Sep 13, 2016 - "Available for: Windows 7 and later..."
- https://lists.apple....p/msg00012.html
___

- https://www.us-cert....ecurity-Updates
Sep 20, 2016
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 21 September 2016 - 02:21 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#214 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 24 October 2016 - 01:04 PM

FYI...

- https://support.appl.../en-us/HT201222

iOS 10.1
- https://support.appl.../en-us/HT207271
Oct 24, 2016 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."
- http://www.securityt....com/id/1037088
CVE Reference: CVE-2016-4664, CVE-2016-4665, CVE-2016-4680, CVE-2016-4686
Oct 25 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: An application user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.1)...

Safari 10.0.1
- https://support.appl.../en-us/HT207272
Oct 24, 2016 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12..."
- http://www.securityt....com/id/1037087
CVE Reference:   CVE-2016-4666, CVE-2016-4676, CVE-2016-4677
Oct 25 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.0.1...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.0.1)...

macOS Sierra 10.12.1
- https://support.appl.../en-us/HT207275
Oct 24, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6..."
- http://www.securityt....com/id/1037086
CVE Reference: CVE-2016-4635, CVE-2016-4660, CVE-2016-4661, CVE-2016-4662, CVE-2016-4663, CVE-2016-4667, CVE-2016-4669, CVE-2016-4671, CVE-2016-4673, CVE-2016-4674, CVE-2016-4675, CVE-2016-4678, CVE-2016-4679, CVE-2016-4682, CVE-2016-7579
Oct 25 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.12.1 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A local user can cause denial of service conditions on the target system.
A remote user can modify files on the target system.
A local user can obtain root privileges on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.12.1)...

tvOS 10.0.1
- https://support.appl.../en-us/HT207270
Oct 24, 2016 - "Available for: Apple TV (4th generation)..."

watchOS 3.1
- https://support.appl.../en-us/HT207269
Oct 24, 2016 - "Available for: All Apple Watch models..."
 

:ph34r:


Edited by AplusWebMaster, 25 October 2016 - 03:09 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#215 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 28 October 2016 - 09:07 AM

FYI...

- https://support.appl.../en-us/HT201222

iTunes 12.5.2 for Windows
- https://support.appl.../en-us/HT207274
Oct 27, 2016 - "Available for: Windows 7 and later..."
- http://www.securityt....com/id/1037139
CVE Reference: CVE-2016-4613, CVE-2016-7578
Oct 28 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 12.5.2 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (12.5.2; for Windows)...
___

iCloud for Windows 6.0.1
- https://support.appl.../en-us/HT207273
Oct 27, 2016 - "Available for: Windows 7 and later..."
___

Xcode 8.1
- https://support.appl.../en-us/HT207268
Oct 27, 2016 - "Available for: OS X El Capitan v10.11.5 and later..."
 

:ph34r: :ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#216 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 31 October 2016 - 01:24 PM

FYI...

- https://support.appl.../en-us/HT201222

iOS 10.1.1
- https://support.appl.../en-us/HT207287
Oct 31, 2016 - "iOS 10.1.1 includes the security content of iOS 10.1*."

iOS 10.1
* https://support.appl.../en-us/HT207271
Oct 24, 2016

> http://www.macrumors...ses-ios-10-1-1/
Oct 31, 2016 - "...Today's update fixes bugs including an issue where Health data could not be viewed for some users. iOS 10.1.1 can be downloaded as a free over-the-air update on all iPhone, iPad, and iPod touch models compatible with iOS 10...
Update: Apple has subsequently stopped signing iOS 10.0.2 and iOS 10.0.3, meaning that users can no longer downgrade to those software versions."

- http://appleinsider....a-in-health-app
Oct 31, 2016
 

:ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#217 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 12 December 2016 - 01:17 PM

FYI...

- https://support.appl.../en-us/HT201222

iOS 10.2 released
- https://support.appl.../en-us/HT207422
Dec 12, 2016 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

- http://appleinsider....refreshed-emoji
Dec 12, 2016

- http://www.securityt....com/id/1037429
CVE Reference: CVE-2016-4689, CVE-2016-4690, CVE-2016-4781, CVE-2016-7597, CVE-2016-7601, CVE-2016-7626, CVE-2016-7634, CVE-2016-7638, CVE-2016-7651, CVE-2016-7653, CVE-2016-7664, CVE-2016-7665
Dec 13 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.2 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions.
A local user can obtain passwords on the target system.
A remote or local user can bypass security controls on the target system.
Solution: The vendor has issued a fix (10.2)...
___

tvOS 10.1
- https://support.appl.../en-us/HT207425
Dec 12, 2016

watchOS 3.1.1
- https://support.appl.../en-us/HT207426
Dec 12, 2016
___

- https://www.us-cert....ecurity-Updates
Dec 12, 2016
 

:ph34r:


Edited by AplusWebMaster, 13 December 2016 - 04:55 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#218 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 14 December 2016 - 08:49 AM

FYI...

- https://support.appl.../en-us/HT201222

Safari 10.0.2
- https://support.appl.../en-us/HT207421
Dec 13, 2016 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.2..."
- http://www.securityt....com/id/1037459
CVE Reference: CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7623, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646, CVE-2016-7648, CVE-2016-7649, CVE-2016-7650, CVE-2016-7652, CVE-2016-7654, CVE-2016-7656
Dec 13 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.0.2
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (10.0.2)...

iCloud for Windows 6.1
- https://support.appl.../en-us/HT207424
Dec 13, 2016 - "Available for: Windows 7 and later..."

iTunes 12.5.4 for Windows
- https://support.appl.../en-us/HT207427
Dec 13, 2016 - "Available for: Windows 7 and later..."

macOS Sierra 10.12.2
- https://support.appl.../en-us/HT207423
Dec 13, 2016 - "Available for: macOS Sierra 10.12.1..."
- http://www.securityt....com/id/1037469
CVE Reference:   CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-7588, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7596, CVE-2016-7600, CVE-2016-7602, CVE-2016-7603, CVE-2016-7604, CVE-2016-7605, CVE-2016-7606, CVE-2016-7607, CVE-2016-7608, CVE-2016-7609, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7617, CVE-2016-7618, CVE-2016-7619, CVE-2016-7620, CVE-2016-7621, CVE-2016-7622, CVE-2016-7624, CVE-2016-7625, CVE-2016-7627, CVE-2016-7628, CVE-2016-7629, CVE-2016-7633, CVE-2016-7636, CVE-2016-7637, CVE-2016-7643, CVE-2016-7644, CVE-2016-7655, CVE-2016-7657, CVE-2016-7658, CVE-2016-7659, CVE-2016-7660, CVE-2016-7661, CVE-2016-7662, CVE-2016-7663
Dec 14 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.12.2
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote or local user can cause denial of service conditions on the target system.
A remote or local user can obtain potentially sensitive information on the target system.
A local user can obtain elevated privileges on the target system.
A local user can modify data and files on the target system.
Solution: The vendor has issued a fix (10.12.2)...

Transporter 1.9.2
- https://support.appl.../en-us/HT207432
Dec 5, 2016 - "Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit), Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)..."
___

- https://www.us-cert....ecurity-Updates
Dec 14, 2016
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 15 December 2016 - 04:18 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#219 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 19 January 2017 - 06:11 AM

FYI...

- https://support.appl.../en-us/HT201222

GarageBand 10.1.5
- https://support.appl.../en-us/HT207477
Jan 18, 2017 - "Available for: OS X Yosemite v10.10 and later..."

- http://www.securityt....com/id/1037627
CVE Reference: CVE-2017-2372
Jan 18 2017
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (10.1.5)...
___

Logic Pro X 10.3
- https://support.appl.../en-us/HT207476
Jan 18, 2017 - "Available for: OS X Yosemite v10.10 and later (64 bit)..."
___

- http://arstechnica.c...ld-for-2-years/
Jan 18, 2017
- https://blog.malware...ntiquated-code/
Jan 18, 2017
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 19 January 2017 - 06:43 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#220 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 23 January 2017 - 01:58 PM

FYI...

- https://support.appl.../en-us/HT201222

iOS 10.2.1 released
- https://support.appl.../en-us/HT207482
Jan 23, 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

- http://www.securityt....com/id/1037668
CVE Reference: CVE-2016-8687, CVE-2017-2350, CVE-2017-2351, CVE-2017-2352, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2360, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2368, CVE-2017-2369, CVE-2017-2370, CVE-2017-2371, CVE-2017-2373
Jan 23 2017
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions.
A local user can bypass security controls on the target system.
A remote user can gain elevated privileges on the target system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.2.1)...
___

iTunes 12.5.5 for Windows
- https://support.appl.../en-us/HT207486
Jan 23, 2017 - "Available for: Windows 7 and later..."
___

Safari 10.0.3 released
- https://support.appl.../en-us/HT207484
Jan 23, 2017 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.3..."

- http://www.securityt....com/id/1037669 
CVE Reference: CVE-2017-2359
Jan 23 2017
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: A remote user can spoof a URL.
Solution: The vendor has issued a fix (10.0.3)...
___

iCloud for Windows 6.1.1 released
- https://support.appl.../en-us/HT207481
Jan 23, 2017 - "Available for: Windows 7 and later..."
___

macOS Sierra 10.12.3 released
- https://support.appl.../en-us/HT207483
Jan 23, 2017 - "Available for: macOS Sierra 10.12.2..."

- http://www.securityt....com/id/1037671
CVE Reference: CVE-2017-2353, CVE-2017-2357, CVE-2017-2358, CVE-2017-2361
Jan 23 2017
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: An application can gain elevated privileges on the target system.
An application can determine kernel memory layout.
A remote user can execute arbitrary scripting code on the target user's system.
Solution: The vendor has issued a fix (10.12.3)...
___

tvOS 10.1.1
- https://support.appl.../en-us/HT207485
Jan 23, 2017 - "Available for: Apple TV (4th generation)..."
___

watchOS 3.1.3
- https://support.appl.../en-us/HT207487
Jan 23, 2017 - "Available for: All Apple Watch models..."
___

- https://www.us-cert....ecurity-Updates
Jan 23, 2017
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 24 January 2017 - 06:49 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

#221 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 13 February 2017 - 02:12 PM

FYI...

- https://support.appl.../en-us/HT201222

GarageBand 10.1.6
- https://support.appl.../en-us/HT207518
Feb 13, 2017 - "Available for: OS X Yosemite v10.10 and later
Impact: Opening a maliciously crafted GarageBand project file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling."
- https://web.nvd.nist...d=CVE-2017-2374
___

- https://www.us-cert....Security-Update
Feb 14, 2017
 

:ph34r:


Edited by AplusWebMaster, 23 February 2017 - 10:07 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#222 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 21 February 2017 - 04:12 PM

FYI...

- https://support.appl.../en-us/HT201222

Logic Pro X 10.3.1
- https://support.appl.../en-us/HT207519
Feb 21, 2017 - "Available for: OS X Yosemite v10.10 and later (64 bit)
Impact: Opening a maliciously crafted GarageBand project file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling."
- https://web.nvd.nist...d=CVE-2017-2374
___

- https://www.us-cert....Security-Update
Feb 21, 2017
 

:ph34r:


Edited by AplusWebMaster, 23 February 2017 - 10:07 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#223 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 25 March 2017 - 04:50 AM

FYI...

- https://support.appl.../en-us/HT201222

iTunes 12.6 released
- https://support.appl.../en-us/HT207598
Mar 21, 2017 - "Available for: OS X Mavericks v10.9.5 and later..."
___

iTunes 12.6 for Windows
- https://support.appl.../en-us/HT207599
Mar 21, 2017 - "Available for: Windows 7 and later..."
... added more "Entries" March 28, 2017

- http://www.securityt....com/id/1038157
CVE Reference: CVE-2017-2383, CVE-2017-2463, CVE-2017-2479, CVE-2017-2480, CVE-2017-5029

Mar 29 2017
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 12.6 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (12.6)...
The vendor advisory is available at: https://support.appl.../en-us/HT207599
___

- https://www.us-cert....y-Update-iTunes
Mar 24, 2017
 

:ph34r:


Edited by AplusWebMaster, 29 March 2017 - 01:29 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#224 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 27 March 2017 - 03:06 PM

FYI...

- https://support.appl.../en-us/HT201222

Apple Releases Security Update for iWork
- https://www.us-cert....ty-Update-iWork
Mar 27, 2017

- https://support.appl.../en-us/HT207595
Mar 27, 2017 - "Available for: macOS 10.12 or later, iOS 10.0 or later..."

- http://www.securityt....com/id/1038134
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 4.1 ...
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (4.1)...
The vendor advisory is available at: https://support.appl.../en-us/HT207595

- http://www.securityt....com/id/1038135
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available:  Yes  Vendor Confirmed:  Yes  
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (6.1)...
The vendor advisory is available at: https://support.appl.../en-us/HT207595

- http://www.securityt....com/id/1038136
CVE Reference: CVE-2017-2391
Mar 27 2017
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 7.1...
Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
Solution: The vendor has issued a fix (7.1)...
The vendor advisory is available at: https://support.appl.../en-us/HT207595
___

Safari 10.1
- https://support.appl.../en-us/HT207600
Mar 27 2017 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4.."

- http://www.securityt....com/id/1038137
CVE Reference:   CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367, CVE-2017-2376, CVE-2017-2377, CVE-2017-2378, CVE-2017-2385, CVE-2017-2386, CVE-2017-2389, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2424, CVE-2017-2433, CVE-2017-2442, CVE-2017-2444, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2453, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475, CVE-2017-2476, CVE-2017-2481   (Links to External Site)
Mar 27 2017
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.1...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions.
A local user can obtain potentially sensitive information on the target system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Apple Safari software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (10.1).
The vendor advisory is available at: https://support.appl.../en-us/HT207600
___

macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite
- https://support.appl.../en-us/HT207615
Mar 27 2017

- http://www.securityt....com/id/1038138
CVE Reference: CVE-2016-5636, CVE-2016-7585, CVE-2017-2379, CVE-2017-2381, CVE-2017-2388, CVE-2017-2390, CVE-2017-2392, CVE-2017-2398, CVE-2017-2401, CVE-2017-2402, CVE-2017-2403, CVE-2017-2406, CVE-2017-2407, CVE-2017-2408, CVE-2017-2409, CVE-2017-2410, CVE-2017-2413, CVE-2017-2416, CVE-2017-2417, CVE-2017-2418, CVE-2017-2420, CVE-2017-2421, CVE-2017-2422, CVE-2017-2423, CVE-2017-2425, CVE-2017-2426, CVE-2017-2427, CVE-2017-2428, CVE-2017-2429, CVE-2017-2430, CVE-2017-2431, CVE-2017-2432, CVE-2017-2435, CVE-2017-2436, CVE-2017-2437, CVE-2017-2438, CVE-2017-2439, CVE-2017-2440, CVE-2017-2441, CVE-2017-2443, CVE-2017-2448, CVE-2017-2449, CVE-2017-2450, CVE-2017-2451, CVE-2017-2456, CVE-2017-2457, CVE-2017-2458, CVE-2017-2461, CVE-2017-2462, CVE-2017-2467, CVE-2017-2472, CVE-2017-2473, CVE-2017-2474, CVE-2017-2478, CVE-2017-2482, CVE-2017-2483, CVE-2017-2485, CVE-2017-2486, CVE-2017-2487, CVE-2017-6974
Updated: Mar 28 2017
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution: The vendor has issued a fix (Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite).
The vendor advisory is available at: https://support.appl.../en-us/HT207615 
___

iOS 10.3
- https://support.appl.../en-us/HT207617
Mar 27 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

- http://www.securityt....com/id/1038139
CVE Reference: CVE-2017-2384, CVE-2017-2393, CVE-2017-2397, CVE-2017-2399, CVE-2017-2400, CVE-2017-2404, CVE-2017-2412, CVE-2017-2414, CVE-2017-2434, CVE-2017-2452, CVE-2017-2484
Mar 28 2017
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.3...
Impact: A remote user can access and modify certain iTunes data.
A local user can obtain potentially sensitive information on the target system.
A remote user can conduct cross-site scripting attacks.
Solution: The vendor has issued a fix (10.3).
The vendor advisory is available at: https://support.appl.../en-us/HT207617
___

macOS Server 5.3
- https://support.appl.../en-us/HT207604
Mar 27 2017 - "Available for: macOS 10.12.4 and later..."

- http://www.securityt....com/id/1038144
CVE Reference: CVE-2007-6750, CVE-2017-2382
Mar 28 2017
Impact: Denial of service via network, Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Impact: A remote user can cause denial of service conditions.
A remote user can determine valid usernames on the target system.
Solution: The vendor has issued a fix (macOS Server 5.3).
The vendor advisory is available at: https://support.appl.../en-us/HT207604
___

tvOS 10.2
- https://support.appl.../en-us/HT207601
Mar 27 2017 - "Available for: Apple TV (4th generation)..."
___

watchOS 3.2
- https://support.appl.../en-us/HT207602
Mar 27 2017 - "Available for: All Apple Watch models..."
___

- https://www.us-cert....ty-Update-iWork
Mar 27 2017
 

:ph34r: :ph34r: :ph34r:


Edited by AplusWebMaster, 28 March 2017 - 05:22 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#225 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 29 March 2017 - 01:08 PM

FYI...

- https://support.appl.../en-us/HT201222

iCloud for Windows 6.2
- https://support.appl.../en-us/HT207607
Mar 28, 2017 - "Available for: Windows 7 and later..."
 

:ph34r:


.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

Related Topics

Back to Updates To Software · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Updates To Software
  4. Privacy Policy
  5. Terms of Use ·