1091 Views | Published on January 21st, 2016
Apple Releases Patches for iOS, OS X and Safari
Apple on Tuesday released security patches for iOS, OS X and an update for the Safari browser.
The patches come less than a week after a ShmooCon presentation by Synack director of research Patrick Wardle revealed that Apple’s Gatekeeper security feature in OS X can be bypassed by an attacker with network-level access.
The OS X update, El Capitan 10.11.3, patches nine vulnerabilities flaws including memory corruption issues in the OS X kernel, Apple Graphics Power Management, Disk Images, IOAccelerator Family, IOHIDFamily, and IOKit that enable attackers on the local network to execute arbitrary code with local privileges.
Apple also patched a type confusion issue in libxslt that can be executed in a web-based attack leading to code execution; the flaw affects Mavericks, Yosemite and current versions of El Capitan.
Another critical memory corruption issue leading to code execution with root privileges was patched in syslog. The flaw was privately disclosed by Joshua Drake and Nikias Bassen of Zimperium zLabs; Drake last summer discovered and reported the Stagefright vulnerabilities in Android.
The final OS X flaw was found in OSA (Open Scripting Architecture) for El Capitan where a quarantined application could override a user’s OSA script libraries.
Apple also updated iOS, putting users on iOS 9.2.1 and patching 13 vulnerabilities in the process.
Most of the vulnerabilities expose iOS users to arbitrary code execution, either by an attacker with local access, or via the Web.
Apple also patched five memory corruption flaws in WebKit that could lead to arbitrary code execution, and another critical issue in WebKit CSS affecting user privacy by exposing whether a user have visited a given link to websites. Apple said it improved validation in this process, addressing the issue. Apple said it improved memory handling for all of the WebKit flaws, which were found internally.
A WebSheet flaw was also patched in iOS 9.2.1 where a malicious captive portal could access or write cookies.
The same WebKit and WebKit CSS vulnerabilities were also addressed in the Safari update; users were moved to Safari 9.0.3.