Apple today released updates for iOS 8 and OS X 10.10 (Yosemite). Here are some of the highlights from a security point of view:
OS 10.10.1
(listed approximately in order of severity)

| CVE | Impact | ISC Rating | Description |
|---|---|---|---|
| 2014-4459 | Remote Code Execution | critical | A vulnerability in WebKit could allow a malicious site to execute arbitrary code. |
| 2014-4453 | Information Leakage | important | The index Spotlight creates on a removable drive may include content from other drives. This vulnerability was recently discussed publicly in a blog, and the author discovered e-mail fragments in the Spotlight index created on a USB drive. |
| 2014-4460 | Information Leakage | important | Safari may not delete all cached files after leaving private browsing. If a user visits a site without private browsing after visiting the same site with private browsing enabled, then the site may be able to connect the two visits. |
| 2014-4458 | Information Leakage | important | The "About this Mac" feature includes unnecessary details that are reported back to Apple to determine the system model. |

iOS

| CVE | Impact | Severity | Description |
|---|---|---|---|
| CVE-2014-4452, CVE-2014-4462 | remote code execution | critical | WebKit issues that will lead to arbitrary code execution when visiting a malicious webpage. |
| CVE-2014-4455 | unsigned code execution | important | A local user may execute unsigned code. |
| CVE-2014-4460 | information leakage | important | Safari doesn't delete all cached files when leaving private mode. |
| CVE-2014-4461 | privilege escalation | important | A malicious application may execute arbitrary code using system privileges. |
| CVE-2014-4451 | security feature bypass | important | An attacker may be able to exceed the maximum passcode attempt limit to bypass the lockscreen. |
| CVE-2014-4463 | information leakage | important | The "leave message" feature in FaceTime may have allowed sending photos from the device. |
| CVE-2014-4457 | code execution | important | The debug feature would allow applications to be spawned that were not being debugged. |
| CVE-2014-4453 | information leakage | important | iOS would submit the device's location to Spotlight Suggestion servers before the user entered a query. |

Apple TV

| CVE | Impact | Severity | Description |
|---|---|---|---|
| CVE-2014-4462 | Code Execution | Critical | A memory corruption in WebKit may be used to terminate applications or run arbitrary code. |
| CVE-2014-4455 | Code Execution | Important | A local user may execute unsigned code. |
| CVE-2014-4461 | Privilege Elevation | Important | A malicious application may be able to execute arbitrary code with system privileges. |

---
Johannes B. Ullrich, Ph.D.