About the security content of macOS Sonoma 14.7

About the security content of macOS Sonoma 14.7 This document describes the security content of macOS Sonoma 14.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...

macOS 13.x < 13.7 Multiple Vulnerabilities (121234)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7. It is, therefore, affected by multiple vulnerabilities: - A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18,...

Microsoft OneNote for macOS library injection vulnerability

Talos Vulnerability Report TALOS-2024-1975 Microsoft OneNote for macOS library injection vulnerability August 19, 2024 CVE Number CVE-2024-41159 SUMMARY A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially crafted library can leverage OneNote’s access...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6. An app may be able to bypass Privacy preferences...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40814

CVE-2024-40814 affects macOS, described as a downgrade issue that could allow an app to bypass Privacy preferences. Apple states the issue was fixed with additional code-signing restrictions and references macOS Sonoma 14.6 as the fixed version. The NVD/NCSC/Nessus entries corroborate the vulnera...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40814

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Ventura 13.7. An app may be able to bypass Privacy preferences...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40775

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. An app may be able to leak sensitive user information...

CVE-2024-40775

CVE-2024-40775 describes a downgrade issue addressed by adding code-signing restrictions. The vulnerability could allow an app to leak sensitive user information. Apple fixed the issue in macOS Sonoma 14.6, macOS Monterey 12.7.6, and macOS Ventura 13.6.8. The provided connected documents confirm ...

CVE-2024-40774

CVE-2024-40774 is a downgrade issue addressed by stricter code-signing restrictions. Affected platforms include macOS Ventura 13.6.8, Monterey 12.7.6, iOS 17.6/iPadOS 17.6, watchOS 10.6, tvOS 17.6, and macOS Sonoma 14.6; the flaw could allow an app to bypass Privacy preferences. Remediation is th...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

CVE-2024-40774

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences...

PT-2024-29071 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.6 Description: A downgrade issue was addressed with additional code-signing restrictions. This issue may allow an app to bypass Privacy preferences. Recommendations: For versions prior to 14.6, update to macOS Sonom...

PT-2024-29033 · Apple · Ipados +7

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.6.8 macOS Monterey versions prior to 12.7.6 iOS versions prior to 17.6 iPadOS versions prior to 17.6 watchOS versions prior to 10.6 tvOS versions prior to 17.6 macOS Sonoma versions prior to 14.6 Description: A...