Security News > 2021 > July > Apple security updates: iOS 14.7 fixes WiFiDemon flaw
Apple has released security updates for macOS Big Sur, Catalina and Mojave, as well as iOS and iPadOS. There is no indication that Apple has fixed any vulnerabilities that may be exploited to deliver NSO Group's Pegasus spyware via "Zero-click" iMessage attacks.
MacOS Big Sur comes with fixes for a multitude of security issues.
Among the more interesting bugs that have been splatted are multiple issues that may allow a local attacker to execute code on the Apple T2 Security Chip, and two bugs that may allow a malicious application to bypass Privacy preferences - though, as per usual, Apple has not shared any details about them.
The macOS Catalina and Mojave security updates deliver many of the same fixes, but also additional ones such as that for CVE-2021-30731, a vulnerability that may be exploited by an unprivileged application to capture USB devices.
iOS 14.7 and iPadOS 14.7: Security fixes.
The more unusual of latter are several issues reported by Linus Henze, a researcher with German IT security company Pinauten, which could allow a malicious application to bypass code signing checks or a malicious attacker to bypass Pointer Authentication and kernel memory mitigations.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/gzDDxlCNqY4/
Related news
- Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones (source)
- iOS 18 added secret and smart security feature that reboots iThings after three days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-08 | CVE-2021-30731 | Unspecified vulnerability in Apple mac OS X and Macos This issue was addressed with improved checks. | 5.5 |