Monthly Archives: May 2016

Apple Releases Updates for Multiple Environments

Posted by Clayton Bellot on May 17, 2016
Uncategorized / No Comments

OVERVIEW:
Multiple vulnerabilities have been discovered in iOS, watchOS, tvOS, iTunes, OS X El Capitan, and Safari which could allow for arbitrary code execution. Apple iOS is an operating system for iPhone, iPod touch, and iPad. watchOS is the mobile operating system of the Apple Watch. tvOS is an operating system for Apple TV digital media player. Apple iTunes is used to play media files on Microsoft Windows and MAC OS X platforms. OS X El Capitan is an operating system for Macintosh computers. Apple Safari is a web browser available for OS X and Microsoft Windows.

Successful exploitation of these vulnerabilities could result in, but are not limited to information disclosure, giving an attacker the ability determine kernel memory layout, or allow for arbitrary code to be run within the context of the user or kernel.

RECOMMENDATIONS:
We recommend the following actions be taken:

  • Apply appropriate updates provided by Apple to vulnerable systems immediately after appropriate testing.
  • Run all software as a non-privileged user to diminish the effects of a successful attack.
  • Do not to download, accept, or execute files from un-trusted or unknown sources.
  • Do not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.

Updating tvOS:
https://support.apple.com/en-us/HT205444

Updating watchOS:
https://support.apple.com/en-us/HT204641

Update the iOS software on your iPhone, iPad, or iPod touch:
https://support.apple.com/en-us/HT204204

How to update OS X and Mac apps:
https://support.apple.com/en-us/HT201541