Apple security updates - 2017.10.31
FYI...
> https://support.apple.com/en-us/HT201222
iOS 11.1
- https://support.apple.com/en-us/HT208222
Oct 31, 2017 - "Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation..."
- https://www.securitytracker.com/id/1039703
CVE Reference: CVE-2017-13080, CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788, CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13799, CVE-2017-13802, CVE-2017-13803, CVE-2017-13804, CVE-2017-13805, CVE-2017-13844, CVE-2017-13849, CVE-2017-7113
Oct 31 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 11.1 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can modify data on the target system.
A remote user can cause the target service to crash.
A local user can obtain potentially sensitive information on the target system.
An application can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix (11.1)...
___
Safari 11.1
- https://support.apple.com/en-us/HT208223
Oct 31, 2017 - "Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13..."
- https://www.securitytracker.com/id/1039706
CVE Reference: CVE-2017-13789, CVE-2017-13790
Oct 31 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 11.1 ...
Impact: A remote user can spoof a URL in the address bar.
Solution: The vendor has issued a fix (11.1)...
___
macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan
- https://support.apple.com/en-us/HT208221
Oct 31, 2017 - "Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6..."
- https://www.securitytracker.com/id/1039710
CVE Reference: CVE-2017-13782, CVE-2017-13786, CVE-2017-13800, CVE-2017-13801, CVE-2017-13807, CVE-2017-13808, CVE-2017-13809, CVE-2017-13810, CVE-2017-13811, CVE-2017-13812, CVE-2017-13813, CVE-2017-13814, CVE-2017-13815, CVE-2017-13816, CVE-2017-13817, CVE-2017-13818, CVE-2017-13819, CVE-2017-13820, CVE-2017-13821, CVE-2017-13822, CVE-2017-13823, CVE-2017-13824, CVE-2017-13825, CVE-2017-13828, CVE-2017-13830, CVE-2017-13831, CVE-2017-13832, CVE-2017-13834, CVE-2017-13836, CVE-2017-13838, CVE-2017-13840, CVE-2017-13841, CVE-2017-13842, CVE-2017-13843, CVE-2017-13846, CVE-2017-7132
Nov 1 2017
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions.
A local user can obtain potentially sensitive information on the target system.
A local user can obtain potentially sensitive information from system memory on the target system.
An application can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix...
___
iCloud for Windows 7.1
- https://support.apple.com/en-us/HT208225
Oct 31, 2017 - "Available for: Windows 7 and later..."
___
iTunes 12.7.1 for Windows
- https://support.apple.com/en-us/HT208224
Oct 31, 2017 - "Available for: Windows 7 and later..."
___
tvOS 11.1
- https://support.apple.com/en-us/HT208219
Oct 31, 2017 - "Available for: Apple TV 4K and Apple TV (4th generation)..."
___
watchOS 4.1
- https://support.apple.com/en-us/HT208220
Oct 31, 2017 - "Available for: All Apple Watch models..."
___
- https://www.us-cert.gov/ncas/current...curity-Updates
Oct 31, 2017
:fear::fear::fear:
Thunderbird 52.5.0 released
FYI...
Thunderbird 52.5.0 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
Nov 23, 2017
New: Better support for Charter/Spectrum IMAP: Thunderbird will now detect Charter's IMAP service and send an additional - IMAP select command to the server. Check the various preferences ending in "force_select" to see whether auto-detection has discovered this case.
Fixed:
- In search folders spanning multiple base folders clicking on a message sometimes marked another message as read
- IMAP alerts have been corrected and now show the correct server name in case of connection problems
- POP alerts have been corrected and now indicate connection problems in case the configured POP server cannot be found
- Various security fixes:
- https://www.mozilla.org/en-US/securi...hunderbird52.5
> https://www.mozilla.org/en-US/securi...s/mfsa2017-26/
Critical:
CVE-2017-7828: Use-after-free of PressShell while restyling layout
CVE-2017-7826: Memory safety bugs fixed in Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5
Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Addons: https://addons.mozilla.org/en-US/thunderbird/
Download
- https://www.mozilla.org/en-US/thunderbird/all/
:fear::fear:
Apple Security Update 2017-001 - macOS High Sierra 10.13.1
FYI...
Security Update 2017-001 - macOS High Sierra 10.13.1
- https://support.apple.com/en-us/HT208315
Nov 29, 2017 - "Available for: macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872: When you install Security Update 2017-001* on your Mac, the build number of macOS will be 17B1002. Learn how to find the macOS version and build number on your Mac**.
* https://support.apple.com/kb/HT201541
** https://support.apple.com/en-us/HT201260
If you require the root user account on your Mac, you will need to re-enable the root user and change the root user's password after this update***.
*** https://support.apple.com/en-us/HT204012
If you experience issues with authenticating or connecting to file shares on your Mac after you install this update, you can repair file sharing[4].
4] https://support.apple.com/kb/HT208317
___
- https://www.securitytracker.com/id/1039875
CVE Reference: CVE-2017-13872
Updated: Nov 29 2017
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
Version(s): 10.13 ...
Impact: A local user can obtain root privileges on the target system.
Solution: The vendor has issued a fix...
> https://support.apple.com/en-us/HT208315
> https://www.computerworld.com/articl...w-updated.html
Nov 29, 2017
___
> https://www.kb.cert.org/vuls/id/113765
29 Nov 2017
- https://www.us-cert.gov/ncas/current...OS-High-Sierra
Nov 29, 2017
___
>> https://blog.malwarebytes.com/cyberc...the-root-user/
Nov 29, 2017
- https://blog.malwarebytes.com/threat...mroot-bug-fix/
Dec 4, 2017
:fear::fear::fear:
Apple updates - 2017.12.06
FYI...
- https://support.apple.com/en-us/HT201222
iOS 11.2
- https://support.apple.com/en-us/HT208334
Released Dec 2, 2017
IOKit: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues were addressed through improved state management.
CVE-2017-13847: Ian Beer of Google Project Zero
IOMobileFrameBuffer: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with kernel privilege
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13879: Apple
IOSurface: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13861: Ian Beer of Google Project Zero
Kernel: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13862: Apple
CVE-2017-13876: Ian Beer of Google Project Zero
Kernel: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-13833: Brandon Azad
Kernel: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero
Kernel: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13867: Ian Beer of Google Project Zero
Kernel: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: Multiple validation issues were addressed with improved input sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero
Mail: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: Incorrect certificate is used for encryption
Description: A S/MIME issue existed in the handling of encrypted email. This issue was addressed through improved selection of the encryption certificate.
CVE-2017-13874: an anonymous researcher
Mail Drafts: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An attacker with a privileged network position may be able to intercept mail
Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control.
CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH
Wi-Fi: Available for: iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, 12.9-inch iPad Pro 1st generation, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2, and iPod touch 6th generation
Released for iPhone 7 and later and iPad Pro 9.7-inch (early 2016) and later in iOS 11.1.
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
Published Date: Dec 6, 2017
___
macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
- https://support.apple.com/en-us/HT208331
Released Dec 6, 2017
apache: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memory
Description: Multiple issues were addressed by updating to version 2.4.28.
CVE-2017-9798
curl: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Malicious FTP servers may be able to cause the client to read out-of-bounds memory
Description: An out-of-bounds read issue existed in the FTP PWD response parsing. This issue was addressed with improved bounds checking.
CVE-2017-1000254: Max Dymond
Directory Utility: Available for: macOS High Sierra 10.13 and macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872
Intel Graphics Driver: Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13883: an anonymous researcher
Intel Graphics Driver: Available for: macOS High Sierra 10.13.1
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
CVE-2017-13878: Ian Beer of Google Project Zero
Intel Graphics Driver: Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2017-13875: Ian Beer of Google Project Zero
IOAcceleratorFamily: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13844: found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (softsec.kaist.ac.kr)
IOKit: Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation.
CVE-2017-13848: Alex Plaskett of MWR InfoSecurity
CVE-2017-13858: an anonymous researcher
IOKit: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues were addressed through improved state management.
CVE-2017-13847: Ian Beer of Google Project Zero
Kernel: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13862: Apple
Kernel: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-13833: Brandon Azad
Kernel: Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13876: Ian Beer of Google Project Zero
Kernel: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero
Kernel: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13867: Ian Beer of Google Project Zero
Kernel: Available for: macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero
Kernel: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero
Mail: Available for: macOS High Sierra 10.13.1
Impact: A S/MIME encrypted email may be inadvertently sent unencrypted if the receiver's S/MIME certificate is not installed
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2017-13871: an anonymous researcher
Mail Drafts: Available for: macOS High Sierra 10.13.1
Impact: An attacker with a privileged network position may be able to intercept mail
Description: An encryption issue existed with S/MIME credetials. The issue was addressed with additional checks and user control.
CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH
OpenSSL: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read issue existed in X.509 IPAddressFamily parsing. This issue was addressed with improved bounds checking.
CVE-2017-3735: found by OSS-Fuzz
Screen Sharing Server: Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6
Impact: A user with screen sharing access may be able to access any file readable by root
Description: A permissions issue existed in the handling of screen sharing sessions. This issue was addressed with improved permissions handling.
CVE-2017-13826: Trevor Jacques of Toronto
___
tvOS 11.2
- https://support.apple.com/en-us/HT208327
Released Dec 4, 2017 - "Available for: Apple TV 4K and Apple TV (4th generation)..."
Published Date: Dec 6, 2017
___
watchOS 4.2
- https://support.apple.com/en-us/HT208325
Released Dec 5, 2017 - "Available for: All Apple Watch models..."
Published Date: Dec 6, 2017
___
Safari 11.0.2 - (details available soon)
OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13
6 Dec 2017
___
iTunes 12.7.2 for Windows - (details available soon)
Windows 7 and later
6 Dec 2017
___
- https://www.us-cert.gov/ncas/current...curity-Updates
Dec 06, 2017
:fear::fear::fear::fear:
Apple advisories - 2017.12.12-13
FYI...
- https://support.apple.com/en-us/HT201222
iCloud for Windows 7.2
- https://support.apple.com/en-us/HT208328
Dec 13, 2017
APNs Server: Available for: Windows 7 and later
Impact: An attacker in a privileged network position can track a user
Description: A privacy issue existed in the use of client certificates. This issue was addressed through a revised protocol.
CVE-2017-13864: FURIOUSMAC Team of United States Naval Academy
WebKit: Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2017-7156: an anonymous researcher
CVE-2017-7157: an anonymous researcher
CVE-2017-13856: Jeonghoon Shin
CVE-2017-13870: an anonymous researcher
CVE-2017-13866: an anonymous researcher
___
iOS 11.2.1
- https://support.apple.com/en-us/HT208357
Dec 13, 2017
HomeKit: Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A remote attacker may be able to unexpectedly alter application state
Description: A message handling issue was addressed with improved input validation.
CVE-2017-13903
>> https://discussions.apple.com/articl...8357?filter=qa
Last: December 27, 2017
- https://www.securitytracker.com/id/1040008
CVE Reference: CVE-2017-13903
Dec 13 2017
Fix Available: Yes Vendor Confirmed: Yes
Description: A vulnerability was reported in Apple iOS. A remote user can access and control HomeKit smart accessories.
On systems with shared HomeKit application users, a remote user can send specially crafted data to trigger a state error in the HomeKit application and gain access to the target user's HomeKit-controlled accessories...
Impact: A remote user can access and control HomeKit smart accessories.
Solution: The vendor has issued a fix (11.2.1)...
___
Safari 11.0.2
- https://support.apple.com/en-us/HT208324
WebKit: Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.2
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Published Date: Dec 13, 2017
- https://www.securitytracker.com/id/1040012
CVE Reference: CVE-2017-13856, CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-7157
Dec 13 2017
Fix Available: Yes Vendor Confirmed: Yes
Description: Multiple vulnerabilities were reported in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted web content that, when loaded by the target user, will trigger a memory corruption error in the WebKit component to execute arbitrary code [CVE-2017-13856, CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-7157].
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (11.0.2)...
___
tvOS 11.2.1
- https://support.apple.com/en-us/HT208359
Dec 13, 2017
HomeKit: Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to unexpectedly alter application state
Description: A message handling issue was addressed with improved input validation.
CVE-2017-13903
- https://www.us-cert.gov/ncas/current...s-iOS-and-tvOS
Dec 13, 2017
___
AirPort Base Station Firmware Update 7.6.9
- https://support.apple.com/en-us/HT208258
Dec 12, 2017
AirPort Base Station Firmware: Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware: Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
___
AirPort Base Station Firmware Update 7.7.9
- https://support.apple.com/en-us/HT208354
Dec 12, 2017
AirPort Base Station Firmware: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence
AirPort Base Station Firmware: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
AirPort Base Station Firmware: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
___
- https://www.us-cert.gov/ncas/current...curity-Updates
Dec 12, 2017
:fear::fear:
Transport Layer Security (TLS) Vuln
FYI...
Transport Layer Security (TLS) Vuln
- https://www.us-cert.gov/ncas/current...-Vulnerability
Dec 13, 2017
TLS implementations...
- https://www.kb.cert.org/vuls/id/CHEU-AT5U6H
Date Updated: 12 Dec 2017
TLS implementations...
- https://www.kb.cert.org/vuls/id/144389
Last revised: 13 Dec 2017
:fear::fear::fear: