Security News > 2020 > March > Apple Patches Code Execution Vulnerabilities Across Product Portfolio

Apple Patches Code Execution Vulnerabilities Across Product Portfolio
2020-03-25 16:09

Security patches released this week by Apple for many of its products address a variety of vulnerabilities, including multiple issues that could lead to arbitrary code execution on the affected devices.

The patched flaws could result in the execution of arbitrary code with system or kernel privileges, leak of kernel memory, privilege escalation, leak of sensitive information, disclosure of restricted memory, or code signing bypass.

Patches for a total of 30 vulnerabilities were included in the iOS 13.4 and iPadOS 13.4 security update, for components such as ActionKit, Bluetooth, CoreFoundation, Icons, Image Processing, Kernel, libxml2, Mail, Mail Attachments, Messages, Safari, Web App, and WebKit.

Apple patched 17 vulnerabilities with the rollout of watchOS 6.2, including four in WebKit.

The patches are available for macOS Mojave and macOS High Sierra, and are included in macOS Catalina, Apple says.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/iuoNRScLQPo/apple-patches-code-execution-vulnerabilities-across-product-portfolio

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 68 212 1433 2208 257 4110