Apple Security Updates – January 2018

Image Source:

Apple released security updates this week, which affects macOS High Sierra, OS X El Capitan, iPhone, iPad, iPod, Apple TV and all Apple Watch models. These security updates addresses total of 17 vulnerabilities (CVE’s), Out of these 17 vulnerabilities 10 lead to arbitrary code execution.

Along with security updates tech giant also released macOS Sierra 10.13.3, iOS 11.2.5, tvOS 11.2.5, and watchOS 4.2.2 full operating system suits and remaining security updates for iTunes, iCloud for Windows and Safari for OS X El Capitan, macOS High Sierra.

Earlier, Apple had released a fix for Meltdown, a vulnerability which allowed an attacker to access protected kernel memory. The fix, which was supposed to address security vulnerabilities only on newer Macs but Apple released an update for older versions of macOS as well.

Although the Spectre vulnerabilities were mitigated in earlier January, the mitigation produced a negligible result on the Speedometer and ARES-6 tests. Prior to the updates, Apple’s decision of opting to reserve the fixes to newer Macs resulted in the customers criticizing the company for forcing customers to update their entire operating system so that they could receive patches. Apart from Meltdown and Spectre, the updates also features fixes to various other vulnerabilities.

While the updates seem to fix the Meltdown and Spectre vulnerabilities, As per researchers one true fix to the vulnerability will be a hardware update, as these vulnerabilities are hardware-based and make use of the speculative execution mechanism of the CPU. The operating system updates implement the software workarounds for the vulnerablities.

Following CVE’s lead to arbitrary code execution, hence these are high priority security updates and need to consider applying these security updates as soon as possible.
CVE-2018-4088, CVE-2018-4096, CVE-2018-4089, CVE-2018-4094, CVE-2018-4087, CVE-2018-4095, CVE-2018-4082, CVE-2018-4085, CVE-2018-4098, CVE-2018-4097

Apple Security Updates Summary:

SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Download Saner now and keep your systems updated and secure.

Subscribe For More Posts Like This

Get the latest research, best practices, industry trends and cybersecurity blogs from SecPod security experts

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments