Security News > 2020 > March > Apple iOS 13.4 offers fixes for 30 vulnerabilities

Apple has just announced its latest something for everyone security and feature updates for iOS, iPadOS, macOS, watchOS, and tvOS. In terms of security, the attention grabber is iOS/iPad 13.4, which fixes 30 CVEs.
As usual, WebKit browser engine and Safari gave Apple plenty to fix, all but one of which were found by sources outside the company, including an arbitrary code execution flaw, CVE-2020-3899, credited to Google's open source fuzzing tool, OSS-Fuzz.
It wouldn't be an Apple update without at least one fix for FaceTime, CVE-2020-3881.
Safari reaches 13.1 with fixes for 11 CVE bugs, all but one of which are, predictably, the same WebKit flaws fixed separately in iOS 13.4.
On a Mac, go to the Apple menu, choose About This Mac and click Software Update.
News URL
https://nakedsecurity.sophos.com/2020/03/26/apple-ios-13-4-offers-fixes-for-30-vulnerabilities/
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days (source)
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- Apple Rolls Out iOS 18.4 With New Languages, Emojis & Apple Intelligence in the EU (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-01 | CVE-2020-3881 | Unspecified vulnerability in Apple mac OS X A logic issue was addressed with improved state management. | 5.5 |
2020-04-01 | CVE-2020-3899 | Unspecified vulnerability in Apple products A memory consumption issue was addressed with improved memory handling. | 8.8 |