Home / apple / Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today’s Updates.

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today’s Updates.

Apple Medicine

Today Apple released updates for their core products that includes iCloud, Safari, iTunes, macOS Mojave, High Sierra, Sierra, Shortcuts for iOS 2.1.2, tvOS 12.1.1, and of course iOS 12.1.1.

Included in these security updates are numerous code execution, privilege escalations, and information disclosure vulnerabilities. Due to this, if you are the user of any of the above products, you should update them as soon as possible.

iOS 12.1.1 fixes FaceTime locked screen contacts disclosure

iOS 12.1.1 fixes a bug that was discovered at the end of October, the day after iOS 12.1 was released, that allows a user to access a phone’s contacts even when iOS was locked.  This bug was discovered by security researcher Jose Rodriguez who has a knack for finding these types of bypasses and demonstrates them on YouTube.

Other vulnerabilities that were fixed include remote code execution, information disclosure, escalation of privileges, and denial of service attacks.

Shortcuts for iOS gets its first security update!

Shortcuts is a new feature added to iOS 12 that allows you to create shortcuts that execute multiple commands with one voice command or tap.

This update is Shortcuts for iOS’ first one and sadly there is not much to indicate what was fixed if anything.  Instead we are greeted with the following statement:

“This update has no published CVE entries. We would like to acknowledge Micah A for their assistance.”

Whoever Micah A is, congrats!

Below are the rest of the Apple security updates released today.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

x

Check Also

Ransomware

100,000 Windows Users In China Hit By New Ransomware Strain

A ransomware that encrypts personal files and then demands 110 yuan (~$16) in ransom has affected ...