Apple pushes out critical security updates for OS X, iOS, watchOS, and other products
Apple has released security updates to fix critical vulnerabilities in the following Apple products: OS X El Capitan, Mavericks and Yosemite, OS X Server, Safari, watchOS, iOS, iTunes, Xcode, and Mac EFI.
OS X Server 5.0.15 patches two DoS vulnerabilities and one that could allow a remote attacker to bypass access restrictions. Xcode 7.1 fixes a low-severity type conversion issue. The Mac EFI Security Update plugs a hole that could lead to the exploitation of unused EFI functions. iTunes 12.3.1 patches flaws that could result in unexpected application termination or arbitrary code execution.
The rest of the updates are a bit more substantial and should definitely be implemented as soon as possible.
The update for Safari contains fixes for nine memory corruption issues that can lead to arbitrary code execution if the user visits a maliciously crafted website.
iOS 9.1 contains fixes for 49 security vulnerabilities, many of which could be exploited by attackers to perform arbitrary code execution (occasionally with system or kernel privileges) by making the user visit a malicious website, unpack a maliciously crafted archive, install a malicious app, process a maliciously crafted font file, or view a specially crafted image file. Among the fixed issues is also a validation issue in the OCSP client, which could be exploited to make a revoked certificate appear valid.
The update for watchOS replicates many of the fixes included in the iOS update, but also patches an issue affecting Apple Pay, which would allow Apple Pay terminals to retrieve limited recent transaction information when the user makes a payment.
Finally, the newest version of OS X El Capitan – v10.11.1 – and Security Update 2015-007, which is aimed at Mavericks and Yosemite users, slays 60 CVE-listed vulnerabilities, many of them critical (can lead to arbitrary code execution).
Among the fixed flaws is one affecting Managed Configuration, which could be used by a developer-signed app to bypass restrictions on use of restricted entitlements and elevate privileges; a vulnerability affecting OpenSSH, which could be used by a local user to conduct impersonation attacks; and one in Security Agent, which allows applications to create synthetic clicks on keychain prompts – something that can be misused by malicious applications.