ALERT: Apple Emergency Update (CVE-2019-8605)

Apple has released an emergency patch CVE-2019-8605 to fix a flaw in the kernelcomponent. Reports indicate that Apple had accidentally reverted a patch previously issued for this vulnerability in May 2019. The devices which had installed updates released in June 2019 were exposed to this vulnerability again. Therefore, a good vulnerability management tool can resolve these issues.

This vulnerability was discovered by Ned Williamson of Google Project Zero. Ned Williamson had released an exploit named ‘SockPuppet’ and ‘SockPuppet2’. An update version of this exploit name ‘SockPuppet 3.0‘ was releasing by another security researcher named Umang Raghuvanshi. A hacker identified as Pwn20wnd released a public jailbreak to work on the devices running security updates from June. Thus, Vulnerability management tools can prevent these attacks.

Identified by CVE-2019-8605, this is a ‘use-after-free’ vulnerability that allows a malicious application to execute arbitrary code with system privileges and jailbreak on devices. This also allows users to install and run uncertified software. Researchers warn that the applications available for download from the AppStore could contain a copy of jailbreak in them. Hence it is the advise to verify every application before downloading and installing.

Apple has fixed this vulnerability with security updates for  Mac OS X:

• macOS

• Product: MacOS 
• Affected OS: macOS Mojave 10.14.6
• Affected feature:Kernel
• Impact: Arbitrary code execution with system privileges
• CVE:CVE-2019-8605

SecPod SanerNow  detects these vulnerabilities in macOS and automatically fixes them by applying security updates.

Try SecPod’s Endpoint Management and secure your endpoints.