About the security content of iOS18.1.1 and iPadOS 18.1.1

About the security content of iOS18.1.1 and iPadOS 18.1.1 This document describes the security content of iOS 18.1.1 and iPadOS 18.1.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

CVE-2024-44280

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system...

CVE-2024-44280

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system...

CVE-2024-44280

CVE-2024-44280 describes a downgrade issue on Intel-based Mac computers where an app could modify protected parts of the filesystem. It is fixed by macOS updates: Ventura 13.7.1 and Sonoma 14.7.1, which add code-signing restrictions to mitigate the vulnerability. The issue is documented in multip...

CVE-2024-44280

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system...

CVE-2024-44280

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to modify protected parts of the file system...

CVE-2024-27825

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to bypass certain Privacy preferences...

CVE-2024-27825

CVE-2024-27825 concerns a downgrade issue in Intel-based macOS, where an app may bypass certain Privacy preferences. It was mitigated by added code-signing restrictions and is fixed in macOS Sonoma 14.5. The vulnerability’s impact is privacy-related, enabling potential bypass of privacy controls ...

CVE-2024-27825

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to bypass certain Privacy preferences...

PT-2024-22062 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.5 Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue allows an app to bypass certain Privacy preferences. Recommendations: For...

CVE-2024-23269

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system...

CVE-2024-23269

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system...

CVE-2024-23269

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system...

PT-2024-19763 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.7.4 macOS versions prior to 13.6.5 macOS versions prior to 14.4 Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue allows an app to...

Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks

A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after MacStealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posi...

Code injection

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location...

CVE-2023-36862

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location...

Attack Surface Analysis Part 3: Red and Purple Teaming

Part 3: Red and Purple Teaming This is the third and final installment in our 2021 series around attack surface analysis. In part 1 I offered a description and the value and challenge of vulnerability assessment. Part 2 explored the why and how of conducting penetration testing and gave some tips...

Code injection

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition VE systems on VMware, with an Intel-based 85299 Network Interface Controller NIC card and Single Root I/O Virtualization SR-IOV enabled on vSphere, may fail and leave the...

F5 Networks BIG-IP : BIG-IP VE network interface vulnerability (K75111593)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.5 / 14.1.2.7 / 15.1.0.4 / 16.0.1. It is, therefore, affected by a vulnerability as referenced in the K75111593 advisory. - In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and...