Update. Not long after we published this article, Apple announced iOS 13.1.1, fixing yet another bug.
See below for the details of which updates came out when. [2019-09-27T18:10Z]
See below for the details of which updates came out when. [2019-09-27T18:10Z]
Remember the Black Hat conference of 2019?
To help narrow down your search, you can easily check your Mac for all installations and when they occurred. Here’s how to see the exact dates for app and macOS updates on Mac. Get to your system information. There are actually two quick ways to get where you need to go. 1) Click the Apple icon from your menu bar. 2) Select About This Mac. Early 2019 MacBook Pro updates are here and they include a tweaked keyboard and up to 8-core, 9th generation Intel Coffee Lake Refresh processors with Turbo Boost up to 5 GHz. The redesigned MacBook Air will get another update this year, says IHS Markit. IHS Markit offered few details about the update to the Retina MacBook Air, released in October 2018. 2019 MacBook Pro updates Along with announcing updates to its keyboard, Apple on Tuesday unveiled a slight update to its MacBook Pro lineup. Type Apple Software Update in the search field. Click on Apple Software Update when it appears in the search results dialog. Apple Software Update checks to see if any updates are available. Select the checkbox next to the updates that you want to install, click on the Install button, and then follow the onscreen instructions.
Chances are you didn’t attend – even though it’s a huge event, the vast majority of cybersecurity professionals only experience it remotely – but you probably heard about some of the more dramatic talk titles…
…including one from Google with the intriguing titleLook, no hands! – The remote, interaction-less attack surface of the iPhone.
The talk was presented by well-known Google Project Zero researcher Natalie Silvanovich, and it covered a wide-ranging vulnerability research project conduced by Silvanovich and her colleague Samuel Groß. Best video title making software.
They decided to dig into the software components in your iPhone that automatically process data uploaded from the outside, to see if they could find bugs that might be remotely exploitable.
Silvanovich and Groß investigated five message-handling components on the iPhone: SMS, MMS, Visual voicemail, email and iMessage.
The idea was to search not for security bugs by which you could be tricked into making a serious security blunder, but for holes by which your device itself could be tricked without you even being involved.
They found several such flaws, denoted by the following CVE numbers: CVE-2019-8624, -8641, -8647, -8660, -8661, -8662, and -8663.
Most of those holes were revealed to the public in August 2019, following Project Zero’s usual approach of ‘dropping’ detailed descriptions and proof-of-concept code to do with vulnerabilities for which patches already exist.
That’s why we urged you, back in August 2019, to double-check that you were patched up to iOS 12.4 – it’s risky to be unpatched at any time, let alone after exploit code is available to anyone who cares to download it.
Interestingly, Google deliberately kept quiet about CVE-2019-8641 at the time, noting that Apple’s fix “did not fully remediate the issue”. Does the sims 4 work on macbook air.
It looks as though the Project Zero researchers were right, because Apple’s latest slew of updates include a fix explicitly listed as:
What else?
If you have a Mac, the above patch is the only item listed in the latest update advisory.
The update isn’t big enough to get a new release number of its own, so it’s just macOS Mojave 10.14.6 Supplemental Update 2 (or Security Update 2019-005 if you are still on High Sierra 10.13.6 or Sierra 10.12.6).
If you have an iDevice that can’t run iOS 13 – for example, an iPhone 6 or earlier or an iPad mini 3 or earlier – then you get an update to iOS 12.4.2, and the above patch is the only one listed.
But Apple has listed many other fixes in iOS 13 along with the patch for CVE-2019-8641, including:
- Fixing a data leakage bug related to watching movie files.
- Closing another of José Rodríguez’s lock screen bypasses (CVE-2019-8742).
- Beefing up Face ID to make it harder to bypass using 3D models (CVE-2019-8760).
- Stopping a data leak via iOS 13’s new keyboard add-on system (CVE-2019-8704).
Stay put or move forward?
Slightly confusingly, the iOS 13 and iOS 13.1 advisories arrived at the same time, with the iOS 13.1 advisory listing only the patch for the lock screen bug found by José Rodríguez.
We’ve already been asked if this means that anyone who hasn’t yet updated to iOS 13, and who will now end up skipping straight from iOS 12.4.1 to iOS 13.1, will somehow skip the updates listed in the iOS 13 advisory.
The answer is, “No.”
Even more confusingly, less than 24 hours after iOS 13.1 and iOS 13 security advitories were published side-by-side, an update notification for iOS 13.1.1 arrived [2019-09-27T17:24Z in our mailbox] to fix yet another bug (CVE-2019-8779), this time relating to sandbox security.
Apple itself is credited with discovering this bug, so whether it was introduced by one of the recent fixes and needing shovelling out quickly, or had been waiting in the wings anyway, we can’t say.
(For all we know, iOS 13.1.1 might be an emergency patch for a patch that was itself an update to that abovementioned earlier patch that Google claimed “did not fully remediate the issue.”)
Anyway, a fresh install of iOS 13.1.1, or an update from any earlier version of iOS, is a cumulative update with everything you need rolled into it – if you skip over an update and catch up later, you won’t skip the security fixes that were in the one you missed.
We don’t know why Apple didn’t publish its iOS 13 advisory more than a week ago when iOS 13 actually came out.
One guess is that Apple didn’t want to draw too much attention to the fact that although iOS 13 received its CVE-2019-8641 fix more than a week ago, there was no corresponding fix for iOS 12.4.1, which many users were stuck with due to the age of their devices.
Anyway, all supported Apple operating systems now have the revised CVE-2019-8641 update, and it’s worth updating for that alone.
What to do?
On your Mac, go to Apple > About This Mac > Software Update…
On your iPhone, go to Settings > General > Software Update.
If you are already up to date, macOS and iOS will tell you; if not, they’ll offer to do the update right away.
Given that the headline bug in this round of patches could be abused to inject malicious code from a distance – what’s known as RCE, or Remote Code Execution – without waiting for you to click or approve anything, we recommend doing an update check right now.
Apple today has issued a rare update for its AirPort Utility application on iOS. While the AirPort hardware itself has long been discontinued, Apple continues to support the ecosystem when necessary.
Today’s update to the AirPort Utility application includes security improvements and general stability enhancements. Some users had reported problems with the AirPort Utility app on iOS 13, so this update likely resolves those issues.
Apple’s change log is short and sweet:
“This update includes general stability and security improvements.”
The company hasn’t provided any further detail on what sort of security improvements today’s release includes, but we’ll be sure to update if we learn more.
Over the summer, Apple released firmware security updates for the discontinued AirPort Express, Extreme, and Time Capsule Base Stations. This marks the first time that the AirPort Utility application itself, however, has been updated in over a year.
The AirPort Utility app is available on the App Store as a free download.
Yeah, because it didn’t work once you updated to iOS 13, lol
What Is The Max Ram To My A1311 Imac? - Apple Community
— Troy Ostermann (@fadonkins) October 14, 2019 Free recording software for windows 7.
See More Results
Read more:
TvOS 14.4
FTC: We use income earning auto affiliate links.More.