Apple Security Updates – January 2018

  • Post author:
  • Reading time:11 mins read

Apple Security Updates - January 2018

Image Source: www.digitaltrends.com
Apple released security updates this week, which affects macOS High Sierra, OS X El Capitan, iPhone, iPad, iPod, Apple TV and all Apple Watch models. These security updates addresses total of 17 vulnerabilities (CVE’s), Out of these 17 vulnerabilities 10 lead to arbitrary code execution.

Along with security updates tech giant also released macOS Sierra 10.13.3, iOS 11.2.5, tvOS 11.2.5, and watchOS 4.2.2 full operating system suits and remaining security updates for iTunes, iCloud for Windows and Safari for OS X El Capitan, macOS High Sierra.

Earlier, Apple had released a fix for Meltdown, a vulnerability which allowed an attacker to access protected kernel memory. The fix, which was supposed to address security vulnerabilities only on newer Macs but Apple released an update for older versions of macOS as well.

Although the Spectre vulnerabilities were mitigated in earlier January, the mitigation produced a negligible result on the Speedometer and ARES-6 tests. Prior to the updates, Apple’s decision of opting to reserve the fixes to newer Macs resulted in the customers criticizing the company for forcing customers to update their entire operating system so that they could receive patches. Apart from Meltdown and Spectre, the updates also features fixes to various other vulnerabilities.

While the updates seem to fix the Meltdown and Spectre vulnerabilities, As per researchers one true fix to the vulnerability will be a hardware update, as these vulnerabilities are hardware-based and make use of the speculative execution mechanism of the CPU. The operating system updates implement the software workarounds for the vulnerablities.

Following CVE’s lead to arbitrary code execution, hence these are high priority security updates and need to consider applying these security updates as soon as possible.
CVE-2018-4088, CVE-2018-4096, CVE-2018-4089, CVE-2018-4094, CVE-2018-4087, CVE-2018-4095, CVE-2018-4082, CVE-2018-4085, CVE-2018-4098, CVE-2018-4097


Apple Security Updates Summary:








SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.


Share this article