Apple releases updates for macOS Mojave and Catalina with important security fixes
Along with macOS 11.5 existence released, section updates hit arrived for both macOS Catalina and Mojave. Fixes included are for flaws that could advance to vindictive applications gaining stem access, capricious cipher existence executed with essence privileges, and more.
There are 20+ section fixes for macOS Catalina and Mojave. For whatever users, the venture of these section issues haw be baritone but with whatever existence potentially earnest these are essential updates to install.
On your Mac nous to System Preferences > Software Update or > About This Mac > Software Update to wager if the updates are primed for you.
Here’s a countenance at every the section fixes for macOS Catalina:
AMD Kernel
Available for: macOS Catalina
Impact: An covering haw be healthy to fulfil capricious cipher with essence privileges
Description: A module immorality supply was addressed with reinforced signaling validation.
CVE-2021-30805: ABC Research s.r.o
AppKit
Available for: macOS Catalina
Impact: Opening a maliciously crafted enter haw advance to unheralded covering conclusion or capricious cipher execution
Description: An aggregation revealing supply was addressed by removing the undefendable code.
CVE-2021-30790: hjy79425575 employed with Trend Micro Zero Day Initiative
Audio
Available for: macOS Catalina
Impact: A topical assailant haw be healthy to drive unheralded covering conclusion or capricious cipher execution
Description: This supply was addressed with reinforced checks.
CVE-2021-30781: tr3e
Bluetooth
Available for: macOS Catalina
Impact: A vindictive covering haw be healthy to acquire stem privileges
Description: A module immorality supply was addressed with reinforced land management.
CVE-2021-30672: say2 of ENKI
CoreAudio
Available for: macOS Catalina
Impact: Processing a maliciously crafted frequence enter haw advance to capricious cipher execution
Description: A module immorality supply was addressed with reinforced land management.
CVE-2021-30775: JunDong Xie of Ant Security Light-Year Lab
CoreAudio
Available for: macOS Catalina
Impact: Playing a vindictive frequence enter haw advance to an unheralded covering termination
Description: A grouping supply was addressed with reinforced validation.
CVE-2021-30776: JunDong Xie of Ant Security Light-Year Lab
CoreStorage
Available for: macOS Catalina
Impact: A vindictive covering haw be healthy to acquire stem privileges
Description: An shot supply was addressed with reinforced validation.
CVE-2021-30777: Tim Michaud(@TimGMichaud) of Zoom Video Communications and metropolis Nield of ECSC Group plc
CoreText
Available for: macOS Catalina
Impact: Processing a maliciously crafted type enter haw advance to capricious cipher execution
Description: An out-of-bounds feature was addressed with reinforced signaling validation.
CVE-2021-30789: Sunglin of Knownsec 404 team, Mickey Jin (@patch1t) of Trend Micro
CoreText
Available for: macOS Catalina
Impact: Processing a maliciously crafted type haw conclusion in the revealing of impact memory
Description: An out-of-bounds feature was addressed with reinforced signaling validation.
CVE-2021-30733: Sunglin from the Knownsec 404
CVMS
Available for: macOS Catalina
Impact: A vindictive covering haw be healthy to acquire stem privileges
Description: An out-of-bounds indite supply was addressed with reinforced extent checking.
CVE-2021-30780: Tim Michaud(@TimGMichaud) of Zoom Video Communications
it should
Available for: macOS Catalina
Impact: A sandboxed impact haw be healthy to circumvent toy restrictions
Description: A grouping supply was addressed with reinforced validation.
CVE-2021-30768: Linus Henze (pinauten.de)
FontParser
Available for: macOS Catalina
Impact: Processing a maliciously crafted type enter haw advance to capricious cipher execution
Description: An number stream was addressed finished reinforced signaling validation.
CVE-2021-30760: Sunglin of Knownsec 404 team
FontParser
Available for: macOS Catalina
Impact: Processing a maliciously crafted type enter haw advance to capricious cipher execution
Description: A arrange stream was addressed with reinforced signaling validation.
CVE-2021-30759: hjy79425575 employed with Trend Micro Zero Day Initiative
FontParser
Available for: macOS Catalina
Impact: Processing a maliciously crafted tiff enter haw advance to a denial-of-service or potentially divulge module contents
Description: This supply was addressed with reinforced checks.
CVE-2021-30788: tr3e employed with Trend Micro Zero Day Initiative
ImageIO
Available for: macOS Catalina
Impact: Processing a maliciously crafted ikon haw advance to capricious cipher execution
Description: A pilot stream was addressed with reinforced extent checking.
CVE-2021-30785: Mickey Jin (@patch1t) of Trend Micro, CFF of Topsec Alpha Team
Intel Graphics Driver
Available for: macOS Catalina
Impact: An covering haw be healthy to drive unheralded grouping conclusion or indite essence memory
Description: This supply was addressed with reinforced checks.
CVE-2021-30787: Anonymous employed with Trend Micro Zero Day Initiative
Intel Graphics Driver
Available for: macOS Catalina
Impact: An covering haw be healthy to fulfil capricious cipher with essence privileges
Description: An out-of-bounds indite was addressed with reinforced signaling validation.
CVE-2021-30765: Liu Long of Ant Security Light-Year Lab
CVE-2021-30766: Liu Long of Ant Security Light-Year Lab
IOUSBHostFamily
Available for: macOS Catalina
Impact: An unprivileged covering haw be healthy to getting USB devices
Description: This supply was addressed with reinforced checks.
CVE-2021-30731: UTM (@UTMapp)
Kernel
Available for: macOS Catalina
Impact: An covering haw be healthy to fulfil capricious cipher with essence privileges
Description: A threefold liberated supply was addressed with reinforced module management.
CVE-2021-30703: an nameless researcher
Kernel
Available for: macOS Catalina
Impact: An covering haw be healthy to fulfil capricious cipher with essence privileges
Description: A grouping supply was addressed with reinforced land management.
CVE-2021-30793: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab
LaunchServices
Available for: macOS Catalina
Impact: A vindictive covering haw be healthy to fortuity discover of its sandbox
Description: This supply was addressed with reinforced surround sanitization.
CVE-2021-30677: Daffo Waisberg (@epsilan)
LaunchServices
Available for: macOS Catalina
Impact: A sandboxed impact haw be healthy to circumvent toy restrictions
Description: An admittance supply was addressed with reinforced admittance restrictions.
CVE-2021-30783: Daffo Waisberg (@epsilan)
Model I/O
Available for: macOS Catalina
Impact: Processing a maliciously crafted ikon haw advance to a forgoing of service
Description: A grouping supply was addressed with reinforced validation.
CVE-2021-30796: Mickey Jin (@patch1t) of Trend Micro
Sandbox
Available for: macOS Catalina
Impact: A vindictive covering haw be healthy to admittance limited files
Description: This supply was addressed with reinforced checks.
CVE-2021-30782: Csaba Fitzl (@theevilbit) of Offensive Security
WebKit
Available for: macOS Catalina
Impact: Processing maliciously crafted scheme noesis haw advance to capricious cipher execution
Description: Multiple module immorality issues were addressed with reinforced module handling.
CVE-2021-30799: Sergei Glazunov of Google Project Zero
Additional recognition
configd
We would same to pass Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
CoreServices
We would same to pass Zhongcheng Li (CK01) for their assistance.
CoreText
We would same to pass Mickey Jin (@patch1t) of Trend Micro for their assistance.
Crash Reporter
We would same to pass Yizhuo Wang of Group of Software Security In Progress (G.O.S.S.I.P) at Shanghai Jiao Tong University for their assistance.
crontabs
We would same to pass Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
IOKit
We would same to pass martyr Nosenko for their assistance.
libxml2
We would same to pass for their assistance.
Spotlight
We would same to pass Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.
Check discover 9to5Mac on YouTube for more Apple news:
Source unification
Apple releases updates for macOS desert and Catalina with essential section fixes
BUSINESS WEALTH TRADE NEWS Activitie Enterprise Business Occupation Prosperity Sucess
- Bargain Alabama metropolis leader would possibly also no longer stop after utilizing racial slurby BLOGGER
Bargain
A white metropolis leader in Alabama used to be captured on video utilizing a racial slur in direction of Sunless members at some stage in a council assembly
ByThe Associated Press
July 21, 2021, 2: 26 PM
• 2 min read
TARRANT, Ala. — A white metropolis leader captured on video utilizing a racial slur in direction of Sunless members at some stage in a council assembly talked about he would possibly also no longer announce sorry, and would possibly bustle for mayor. Other
The post Bargain Alabama metropolis leader would possibly also no longer stop after utilizing racial slur first appeared on BUSINESS WEALTH TRADE NEWS.
Apple releases updates for macOS Mojave and Catalina with important security fixes
Comentários
Postar um comentário