Apple Security Updates December 2018: Apple released a set of security updates for its products this month. Ten products received updates, including Apple's new brainchild, macOS Mojave, which launched in September. These updates address a set of 26 vulnerabilities which a vulnerability scanning tool found. The products listed under this update are macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra, iCloud, Safari, iTunes, tvOS, iOS, watchOS 5.1.2, and Shortcuts 2.1.2 for iOS.
A good 13 CVEs out of 26 could lead to Arbitrary Code Execution. Three interesting CVEs, CVE-2018-4446, CVE-2018-4303 and CVE-2018-4435, allow malicious applications running on the system to elevate privileges and gather information about other applications running on the system. Auto patching can patch these critical vulnerabilities quickly.
In the limelight: Mojave
The second set of updates for Mojave is considered important, as it is said to improve performance, compatibility, stability and security. Eleven vulnerabilities were reported for macOS. Five CVEs, CVE-2018-4303, CVE-2018-4463, CVE-2018-4434, CVE-2018-4460, and CVE-2018-4461, are unique to Mojave, out of which three are rated Critical for Arbitrary Code Execution and restricted kernel memory access. These updates are also believed to have addressed the Wi-Fi and battery drain issues that were reported by customers last month.
Critical Vulnerabilities
Six CVEs are rated critical and have memory corruption issues. The first four CVEs listed lead to Arbitrary Code Execution with Kernel Privileges:
- CVE-2018-4427 lists a flaw in the IOHIDFamily of macOS Sierra 10.12.6 and macOS High Sierra 10.13.6, which leads to privilege escalation, and a flaw in the Disk Images of tvOS (Apple TV 4K and Apple TV (4th generation)) and watchOS (Apple Watch Series 1 and later).
- CVE-2018-4447 was published by Juwei Lin and Zhengyu Dong with Trend Micro. It lists a flaw in the Kernel for watchOS (Apple Watch Series 1 and later), macOS (macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1), tvOS (Apple TV 4K and Apple TV (4th generation)) and iOS (iPhone 5s and later, iPad Air and later, and iPod touch 6th generation).
- CVE-2018-4461 was disclosed by Ian Beer with Google Project Zero. It lists a flaw in the Kernel for watchOS (Apple Watch Series 1 and later), macOS (macOS Mojave 10.14.1), tvOS (Apple TV 4K and Apple TV (4th generation)) and iOS (iPhone 5s and later, iPad Air and later, and iPod touch 6th generation).
- CVE-2018-4465 was published by Pangu Team. It lists a flaw in the Disk Images for macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1 and iOS (iPhone 5s and later, iPad Air and later, and iPod touch 6th generation).
- CVE-2018-4463 was disclosed by Maksymilian Arciemowicz with CXsecurity. It lists a flaw in the Carbon Core of macOS Mojave 10.14.1 that leads to Arbitrary Code Execution with System Privileges.
- CVE-2018-4434 was disclosed by Zhuo Liang with Qihoo 360. It lists a flaw in the Intel Graphics Driver of macOS Mojave 10.14.1 that allows a local user to read kernel memory and terminate the system abruptly.
Apple Security Updates December 2018 Summary:
- Product : macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, and Security Update 2018-006 Sierra
- Affected features : Airport, AMD, Carbon Core, Disk Images, Intel Graphics Driver, IOHID Family, Kernel, WindowServer
- Impact : Arbitrary Code Execution, Privilege Escalation, Denial of Service
- CVE: CVE-2018-4303, CVE-2018-4462, CVE-2018-4463, CVE-2018-4465, CVE-2018-4434, CVE-2018-4427, CVE-2018-4460, CVE-2018-4431, CVE-2018-4447, CVE-2018-4435, CVE-2018-4461, CVE-2018-4449, CVE-2018-4450.
- Product : iCloud 7.9
- Affected OS : Windows 7 and later
- Affected features : Safari, WebKit
- Impact: Arbitrary Code Execution, Address bar spoofing, User interface spoofing
- CVE : CVE-2018-4440, CVE-2018-4439, CVE-2018-4437, CVE-2018-4464, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438
- Product : Safari 12.0.2
- Affected OS : macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.1
- Affected features : Safari, WebKit
- Impact : Arbitrary Code Execution, Address bar spoofing, User interface spoofing
- CVE : CVE-2018-4440, CVE-2018-4439, CVE-2018-4445, CVE-2018-4437, CVE-2018-4464, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438
- Product : iTunes 12.9.2
- Affected OS : Windows 7 and later
- Affected features : Safari, WebKit
- Impact : Arbitrary Code Execution, Address bar spoofing, User interface spoofing
- CVE : CVE-2018-4440, CVE-2018-4439, CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438
- Product : tvOS 12.1.1
- Affected features : Airport, Disk Images, Kernel, Profiles, WebKit
- Impact : Arbitrary Code Execution, Privilege Escalation, Denial of Service
- CVE : CVE-2018-4303, CVE-2018-4427, CVE-2018-4460, CVE-2018-4431, CVE-2018-4435, CVE-2018-4447, CVE-2018-4461, CVE-2018-4436, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438, CVE-2018-4437, CVE-2018-4464
- Product : iOS 12.1.1
- Affected features : Airport, Disk Images, FaceTime, File Provider, Kernel, LinkPresentation, Profiles, Safari, WebKit
- Impact : Arbitrary Code Execution, Address bar spoofing, User interface spoofing
- CVE : CVE-2018-4303, CVE-2018-4465, CVE-2018-4430, CVE-2018-4446, CVE-2018-4460, CVE-2018-4431, CVE-2018-4435, CVE-2018-4447, CVE-2018-4461, CVE-2018-4429, CVE-2018-4436, CVE-2018-4439, CVE-2018-4440, CVE-2018-4445, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438, CVE-2018-4437, CVE-2018-4464
- Product : watchOS 5.1.2
- Affected features : Airport, Disk Images, Kernel, LinkPresentation, Profiles, WebKit
- Impact : Arbitrary Code Execution, Privilege Escalation, User interface spoofing
- CVE: CVE-2018-4303, CVE-2018-4427, CVE-2018-4460, CVE-2018-4431, CVE-2018-4447, CVE-2018-4435, CVE-2018-4461, CVE-2018-4429, CVE-2018-4436, CVE-2018-4437, CVE-2018-4464, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4438
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.