An app may be able to bypass Privacy preferences & Other Fixes

Security Updates
MacOS Ventura 13.7
September 16, 2024

Accounts

• Available for: macOS Ventura
• Impact: An app may be able to leak sensitive user information
• Description: The issue was addressed with improved checks.
• CVE-2024-44129

App Intents

• Available for: macOS Ventura
• Impact: An app may be able to access sensitive data logged when a shortcut fails to launch another app
• Description: This issue was addressed with improved redaction of sensitive information.
• CVE-2024-44182: Kirin (@Pwnrin)

AppKit

• Available for: macOS Ventura
• Impact: An unprivileged app may be able to log keystrokes in other apps including those using secure input mode
• Description: A logic issue was addressed with improved restrictions.
• CVE-2024-27886: Stephan Casas, an anonymous researcher

AppleMobileFileIntegrity

• Available for: macOS Ventura
• Impact: An app may be able to access sensitive user data
• Description: The issue was addressed with additional code-signing restrictions.
• CVE-2024-40847: Mickey Jin (@patch1t)

AppleMobileFileIntegrity

• Available for: macOS Ventura
• Impact: An app may be able to bypass Privacy preferences
• Description: A downgrade issue was addressed with additional code-signing restrictions.
• CVE-2024-40814: Mickey Jin (@patch1t)

AppleMobileFileIntegrity

• Available for: macOS Ventura
• Impact: An app may be able to bypass Privacy preferences
• Description: This issue was addressed with improved checks.
• CVE-2024-44164: Mickey Jin (@patch1t)

AppleMobileFileIntegrity

• Available for: macOS Ventura
• Impact: An app may be able to modify protected parts of the file system
• Description: A library injection issue was addressed with additional restrictions.
• CVE-2024-44168: Claudio Bozzato and Francesco Benvenuto of Cisco Talos

AppleMobileFileIntegrity

• Available for: macOS Ventura
• Impact: An attacker may be able to read sensitive information
• Description: A downgrade issue was addressed with additional code-signing restrictions.
• CVE-2024-40848: Mickey Jin (@patch1t)

Automator

• Available for: macOS Ventura
• Impact: An Automator Quick Action workflow may be able to bypass Gatekeeper
• Description: This issue was addressed by adding an additional prompt for user consent.
• CVE-2024-44128: Anton Boegler

bless

• Available for: macOS Ventura
• Impact: An app may be able to modify protected parts of the file system
• Description: A permissions issue was addressed with additional restrictions.
• CVE-2024-44151: Mickey Jin (@patch1t)

Compression

• Available for: macOS Ventura
• Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files
• Description: A race condition was addressed with improved locking.
• CVE-2024-27876: Snoolie Keffaber (@0xilis)

Dock

• Available for: macOS Ventura
• Impact: An app may be able to access user-sensitive data
• Description: A privacy issue was addressed by removing sensitive data.
• CVE-2024-44177: an anonymous researcher

Game Center

• Available for: macOS Ventura
• Impact: An app may be able to access user-sensitive data
• Description: A file access issue was addressed with improved input validation.
• CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO

• Available for: macOS Ventura
• Impact: Processing an image may lead to a denial-of-service
• Description: An out-of-bounds access issue was addressed with improved bounds checking.
• CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero Day Initiative, an anonymous researcher

Intel Graphics Driver

• Available for: macOS Ventura
• Impact: Processing a maliciously crafted texture may lead to unexpected app termination
• Description: A buffer overflow issue was addressed with improved memory handling.
• CVE-2024-44160: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

Intel Graphics Driver

• Available for: macOS Ventura
• Impact: Processing a maliciously crafted texture may lead to unexpected app termination
• Description: An out-of-bounds read was addressed with improved bounds checking.
• CVE-2024-44161: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

IOSurfaceAccelerator

• Available for: macOS Ventura
• Impact: An app may be able to cause unexpected system termination
• Description: The issue was addressed with improved memory handling.
• CVE-2024-44169: Antonio Zekić

Kernel

• Available for: macOS Ventura
• Impact: Network traffic may leak outside a VPN tunnel
• Description: A logic issue was addressed with improved checks.
• CVE-2024-44165: Andrew Lytvynov

Mail Accounts

• Available for: macOS Ventura
• Impact: An app may be able to access information about a user's contacts
• Description: A privacy issue was addressed with improved private data redaction for log entries.
• CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)

Maps

• Available for: macOS Ventura
• Impact: An app may be able to read sensitive location information
• Description: An issue was addressed with improved handling of temporary files.
• CVE-2024-44181: Kirin(@Pwnrin) and LFY(@secsys) from Fudan University

mDNSResponder

• Available for: macOS Ventura
• Impact: An app may be able to cause a denial-of-service
• Description: A logic error was addressed with improved error handling.
• CVE-2024-44183: Olivier Levon

Notes

• Available for: macOS Ventura
• Impact: An app may be able to overwrite arbitrary files
• Description: This issue was addressed by removing the vulnerable code.
• CVE-2024-44167: ajajfxhj

PackageKit

• Available for: macOS Ventura
• Impact: An app may be able to modify protected parts of the file system
• Description: This issue was addressed with improved validation of symlinks.
• CVE-2024-44178: Mickey Jin (@patch1t)

Safari

• Available for: macOS Ventura
• Impact: Visiting a malicious website may lead to user interface spoofing
• Description: This issue was addressed through improved state management.
• CVE-2024-40797: Rifa'i Rejal Maynando

Sandbox

• Available for: macOS Ventura
• Impact: A malicious application may be able to access private information
• Description: The issue was addressed with improved checks.
• CVE-2024-44163: Zhongquan Li (@Guluisacat)

Shortcuts

• Available for: macOS Ventura
• Impact: A shortcut may output sensitive user data without consent
• Description: This issue was addressed with improved redaction of sensitive information.
• CVE-2024-44158: Kirin (@Pwnrin)

Shortcuts

• Available for: macOS Ventura
• Impact: An app may be able to observe data displayed to the user by Shortcuts
• Description: A privacy issue was addressed with improved handling of temporary files.
• CVE-2024-40844: Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSea

System Settings

• Available for: macOS Ventura
• Impact: An app may be able to access user-sensitive data
• Description: A privacy issue was addressed with improved private data redaction for log entries.
• CVE-2024-44166: Kirin (@Pwnrin) and LFY (@secsys) from Fudan University

System Settings

• Available for: macOS Ventura
• Impact: An app may be able to read arbitrary files
• Description: A path handling issue was addressed with improved validation.
• CVE-2024-44190: Rodolphe BRUNETTI (@eisw0lf)

Transparency

• Available for: macOS Ventura
• Impact: An app may be able to access user-sensitive data
• Description: A permissions issue was addressed with additional restrictions.
• CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)