Tag: Vulnerability

iTunes for Windows prior to 12.12.9 had a critical security vulnerability. Issue is now resolved and all users are encouraged to update as soon as possible.

Microsoft Windows Apps: iTunes

Reference: PSA: Serious Windows iTunes vulnerability discovered, immediate update advised

Following recent updates to tvOS and HomePod software, Apple now releases updates to iOS/iPadOS, watchOS and macOS. tvOS and HomePod software are updated to 16.3.2 to address Siri and HomeKit issues.

iOS 16.3.1 updates Crash Detection algorithms to address recent reports of false positives.

These updates fix issues and address important security vulnerabilities. Notably, WebKit security issue is resolved in macOS 13.2.1.

However, there are reports that iOS 16.3.1 is breaking Google Photos app.

References:

• iOS 16.3.1 Breaks Google Photos App
• macOS 13.2.1 update fixes WebKit security breach that has been ‘actively exploited’
• iOS 16.3.1 includes iPhone 14 Crash Detection changes after false positive complaints
• macOS 13.2.1
• iOS 16.3.1 and iPadOS 16.3.1
• Big Safari & Kernel issues fixed in iOS 16.3.1, macOS 13.2.1 updates
• PSA: Make Sure to Update Soon, macOS Ventura 13.2.1 and iOS 16.3.1 Address Actively Exploited Vulnerability
• Apple fixes Siri bug in tvOS 16.3.2 & HomePod update
• Apple Releases HomePod 16.3.2 Software With Fix for Siri Request Failures
• Apple fixes annoying HomePod bug that caused HomeKit requests to time out and fail the first time you ask

The exploit which was fixed in iOS 16.2 provided a way for a developer to change system font on iPhone.

Zhuowei Zhang shared a story behind his proof-of-concept app. App itself is available as source code on GitHub.

Apple Support: About the security content of iOS 16.2 and iPadOS 16.2

GitHub: WDBFontOverwrite

Reference: Developer uses iOS 16 exploit to change system font without jailbreak

The security gap is so serious that the OpenSSL team decided to announce that and the patch is coming:

Full information on the details of the vulnerability (and probably the exploit …) will be available on November 1st. As you can see, the whole thing only touches the 3.x OpenSSL line.

It is also worth noting that the OpenSSL team retains the 'Critical' status for really serious occasions. Since the beginning of the vulnerability assessment (end of 2014), this label has only been used once so far.

more:

https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html

Apple provided an update for older devices which could not be updated to iOS/iPadOS 15. This update fixes security issues in WebKit and recommended for all users.

Apple Support: About the security content of iOS 12.5.6

Reference: Apple Releases iOS 12.5.6 Update for Older iPhones and iPads With Vulnerability Fixes

Following recent OS updates Apple publishes new Safari for older macOS releases.

Vulnerabilities fixed by this update are currently already used, so this update is strongly recommended.

References:

• Apple Releases Safari 15.6.1 for macOS Big Sur and macOS Catalina With Important Security Fix
• PSA: Safari Security Flaw 'Actively Exploited,' Update Your Apple Devices Now
• Apple updates Safari 15.6.1 with security fixes for macOS Big Sur and Catalina users

Vulnerability in T2 chip used in recent Intel-based Macs allow brute-force attacks on system password, making FileVault storage crackable in reasonable time when password is short enough.

Apple Silicon Macs are unaffected by this vulnerability. On the other hand, Macs without T2 chip are easier to be brute-forced.

Reference: T2 Mac security vulnerability means passwords can now be cracked

Safari 15 is exposing IndexedDB data to opened sites and in tabs and recently opened.

Sites cannot read contents of IndexedDB, however, names of databases are accessible to all sites. Google keeps user ID as a part of database name allowing cross-site tracking.

Live demo: Safari Leaks

Reference:

• Safari bug can leak some of your Google account info and recent browsing history
• Safari Bug Allows Websites to Track Your Recent Browsing Activity in Real Time
• Safari 15 IndexedDB Information Leaks

Microsoft found a vulnerability called "Powerdir" in macOS. This vulnerability was addressed in macOS 12.1 Monterey.

According to Microsoft, the "Powerdir" security flaw could allow a fake TCC database to be planted. TCC is a long running macOS function that lets users configure the privacy settings of their apps, and with the fake database, a malicious person could hijack an app installed on a Mac or install their own malicious app, accessing the microphone and camera to obtain sensitive info. 

MacRumors

Apple Support: About the security content of macOS Monterey 12.1

Reference: Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

Security researcher found an issue with HomeKit which could make iPhone unusable. Issue is triggered by very long HomeKit device name (more than 500,000 characters).

This issue will affect first the Home app and if this device appears on Control Center, the whole iOS will become unresponsive or sluggish.

Issue is still present in current iOS and iPadOS releases.

Public disclosure: doorLock

Reference: This HomeKit bug could make your iPhone completely unusable; here are the details