Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>Apple releases Security Updates to address vulnerabilities in OS X, iOS and others

Apple releases Security Updates to address vulnerabilities in OS X, iOS and others


Apple has released security updates to address several vulnerabilities in OS X, iOS and many others. The first vulnerability identified (CVE-2015-7015) is in configd – and enables a malicious application to elevate privileges and is also addressed in OS X El Capitan 10.11.1 and watchOS 2.0.1. The second vulnerability (CVE-2015-6979) is in GasGauge and it enables a malicious application to execute arbitrary code. Other issues fixed in iOS 9.1 include multiple memory corruption bugs in ImageIO that can lead to arbitrary code execution when viewing a maliciously crafted image file, vulnerabilities in OpenGL and WebKit that could lead to arbitrary code execution when visiting a maliciously crafted website, and a flaw in telephony that could enable a malicious application to leak sensitive user information. Some of the bugs affecting all aforementioned versions of Apple’s operating system include a memory corruption vulnerability in Accelerate Framework that could lead to arbitrary code execution upon visiting a maliciously crafted website, and flaws in CoreText and FontParser that could lead to arbitrary code execution when processing a maliciously crafted font file.
 
Source:
SC Magazine
 
Apple Support
 
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis