Apple Fixes Dozens Of Serious MacOS, iOS Flaws
The patches for iOS, macOS and other software include fixes for a bug that could allow a malicioud ebook to take over a device
Apple has released fixes for dozens of security bugs in its mobile and desktop devices, including serious issues that could allow malware to take over computers and devices.
The company released seven sets of patches in all, including 23 fixes in the iOS 10.3.2 release and 30 fixes in macOS 10.12.5.
iBooks bugs
Five other releases fixed numerous bugs in Safari, tvOS, iCloud for Windows, iTunes for Windows and watchOS.
Two of the most serious flaws iOS affect iBooks, with one allowing an attacker to open arbitrary websites and the other enabling the execution of malicious code at the kernel level.
The iOS patches fix more than a dozen bugs in the mobile version of the WebKit website rendering engine that could enable the execution of malicious code and cross-site scripting attacks.
Apple fixed the two iBooks issues in its macOS release, as well as a third issue with the same application that could allow an application to escape its secure sandbox.
Another patch fixes a bug with macOS’ Wi-Fi networking that could allow the theft of networking credentials, Apple said.
Connected devices
The macOS patches also address escalation of privelege flaws in graphics drivers and four code execution bugs in SQLite.
In a Safari update Apple fixed three holes in the Safari browser and 23 issues in WebKit, while the Apple Watch update patches 12 issues, some of which could allow the execution of malicious code.
The Apple TV update fixes 23 bugs, including 12 WebKit issues allowing cross-site scripting and malicious code execution.
The iTunes for Windows update fixes a code execution flaw, while the iCloud update addresses a WebKit code execution bug.
Industry analysts have recently underscored the growing danger caused by the spread of mobile devices that might not be kept up to date with security patches, including Apple’s popular iPhone and iPad products.
Apple Watches were banned from Cabinet Office meetings last autumn over such hacking fears.
Do you know all about security in 2017? Try our quiz!