In May 2024, Apple addressed several security vulnerabilities across its products with the release of Apple Security Updates and Rapid Security Responses. Immediate detection and remediation of these vulnerabilities is essential. Utilizing effective patch management software can streamline vulnerability remediation processes.
The recently published security updates address several issues in macOS, including macOS Sonoma, macOS Monterey, and macOS Ventura. Additionally, vulnerabilities affecting iPhones, Macs, iPads, tvOS and Safari have also been addressed.
1. Safari
- Affected OS: macOS Monterey and macOS Ventura.
- Affected features: WebKit
- Impact: Arbitrary Code Execution.
- CVEs: CVE-2024-27834
2. macOS
- Affected OS: macOS Ventura before 13.6.7
- Affected features: Foundation, Login Window RTKit.
- Impact: Arbitrary Code Execution, Information Disclosure, and Memory Corruption
- CVEs: CVE-2024-27789, CVE-2023-42861, CVE-2024-23296
- Affected OS: macOS Monterey before 12.7.5.
- Affected features: Find My, and Foundation.
- Impact: Sensitive Information Disclosure.
- CVEs: CVE-2024-23229, CVE-2024-27789 .
- Affected OS: macOS Sonoma before 14.5
- Affected features: AppleAVD, AppleMobileFileIntegrity, AppleVA, AVEVideoEncoder, CFNetwork, Finder, Kernel, Libsystem, Maps, PackageKit, PrintCenter, RemoteViewServices, SharedFileList, Shortcuts, StorageKit, Sync Services, udf, Voice Control, and WebKit.
- Impact: Arbitrary Code Execution, Sensitive Information Disclosure, Privilege Escalation, and Denial-of-Service.
- CVEs: CVE-2024-27804, CVE-2024-27837, CVE-2024-27816, CVE-2024-27825,CVE-2024-27829, CVE-2024-27841, CVE-2024-23236, CVE-2024-27827, CVE-2024-27818, CVE-2023-42893, CVE-2024-27810, CVE-2024-27822, CVE-2024-27824, CVE-2024-27813, CVE-2024-27816, CVE-2024-27843, CVE-2024-27821, CVE-2024-27798, CVE-2024-27847, CVE-2024-27842, CVE-2024-27796, CVE-2024-27834 .
- Affected OS: iOs and iPadOS
- Affected features: AppleAVD, AppleMobileFileIntegrity, AVEVideoEncoder, Find My, Kernel, Libsystem, Maps, PackageKit, Notes, RemoteViewServices, Shortcuts, Sync Services, Voice Control, and WebKit.
- Impact: Arbitrary Code Execution, Sensitive Information Disclosure, and Privilege Escalation.
- CVEs: CVE-2024-27804, CVE-2024-27816, CVE-2024-27841, CVE-2024-27821, CVE-2024-27847, CVE-2024-27796, CVE-2024-27818, CVE-2023-42893, CVE-2024-27810, CVE-2024-27839, CVE-2024-27839, CVE-2024-27839, CVE-2024-27839
*iOS 16.7.8 and iPadOS 16.7.8.
- Affected OS: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
- Affected features: Foundation, and RTKit.
- Impact: Arbitrary Code Execution, Sensitive Information Disclosure, and Memory Corruption.
- CVEs: CVE-2024-27789, CVE-2024-23296 .
4. watchOS
- Affected OS: Apple Watch Series 4 and later.
- Affected features: AppleAVD, AppleMobileFileIntegrity, Maps, PackageKit, Notes, RemoteViewServices, Shortcuts, and WebKit.
- Impact: Arbitrary Code Execution, Sensitive Information Disclosure, and Memory Corruption.
- CVEs: CVE-2024-27804, CVE-2024-27816, CVE-2024-27810, CVE-2024-27821, CVE-2024-27834 .
5. tvOS
- Affected OS: Apple TV HD and Apple TV 4K (all models).
- Affected features: AppleAVD, AppleMobileFileIntegrity, Maps, RemoteViewServices, and WebKit.
- CVEs: CVE-2024-27804, CVE-2024-27816, CVE-2024-27810, CVE-2024-27834
SanerNow VM and SanerNow PM detect and automatically fix these vulnerabilities by applying security updates. Therefore, use SanerNow and keep your systems updated and secure.