Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Apple Patches "Trident" Vulnerabilities in OS X / Safari - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Patches "Trident" Vulnerabilities in OS X / Safari

About a week ago, Apple patched three vulnerabilities in iOS that had been used in a targeted exploit. This set of vulnerabilities, also known as "Trident," affected WebKit and the iOS kernel. Given the substantial code overlap between iOS and OS X, and in particular the fact that one of the vulnerabilities affected WebKit, it is no surprise that OS X and Safari are vulnerable as well.

Yesterday, Apple released a patch of OS X and Safari to address these issues.

The OS X update, which is only available for El Capitan and Yosemite, fixes the two kernel vulnerabilities. The Safari update which is available for OS X Mavericks and Yosemite (not the latest version, El Capitan), fixes the WebKit vulnerability.

I recommend patching these quickly given that the same vulnerabilities have already been exploited for iOS.

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS Brussels September 2019

Johannes

3606 Posts
ISC Handler
I would love to see tools released for OSX and iOS to scan for indicators of compromise; are we closing the stable door after the trojan horse has been wheeled through it?

I guess Apple would need be challenged to create the scanner for iOS as they're the ones with the permissions to do so on non-jailbroken devices. As we would like to think they are..

dotBATman
Anonymous

Sign Up for Free or Log In to start participating in the conversation!