Not a user yet?
Log in Register for free Suggest a product
DE | EN
Update

Major bug fixes

macOSmacOS
Apple
Update from johannes-devicebaseUpdate from:
johannes-devicebase (expert)

Bug fixes

Apple Neural Engine

  • Available for: macOS Ventura
  • Impact: An app may be able to execute arbitrary code with kernel privileges.
  • Description: The issue has been resolved through improved memory management.
  • CVE-2024-23212: Ye Zhang from Baidu Security

Accessibility

  • Available for: macOS Ventura
  • Impact: An app may be able to access sensitive user data.
  • Description: A privacy issue was fixed by improving the masking of private data in log entries.
  • CVE-2023-42937: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab)

Core Data

  • Available for: macOS Ventura
  • Impact: The privacy settings may be bypassed by an app.
  • Description: This issue has been fixed by removing the vulnerable code.
  • CVE-2023-40528: Kirin (@Pwnrin) from NorthSea

curl

  • Available for: macOS Ventura
  • Impact: Multiple issues in curl
  • Description: Several issues have been fixed by updating curl to version 8.4.0.
  • CVE-2023-38545
  • CVE-2023-38039
  • CVE-2023-38546
  • CVE-2023-42915

Finder

  • Available for: macOS Ventura
  • Impact: An app may be able to access sensitive user data.
  • Description: The issue has been resolved through improved checks.
  • CVE-2024-23224: Brian McNulty

ImageIO

  • Available for: macOS Ventura
  • Impact: Processing a maliciously crafted image file could lead to process memory disclosure.
  • Description: The issue has been resolved through improved checks.
  • CVE-2023-42888: Michael DePlante (@izobashi) from the Trend Micro Zero Day Initiative

LoginWindow

  • Available for: macOS Ventura
  • Impact: A local attacker may be able to see the desktop of a previously logged in user on the quick user switch screen.
  • Description: An authentication issue has been fixed with improved state management.
  • CVE-2023-42935

Mail Search

  • Available for: macOS Ventura
  • Impact: An app may be able to access sensitive user data.
  • Description: This issue has been resolved by improving the masking of sensitive information.
  • CVE-2024-23207: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) and Ian de Marcellus

NSOpenPanel

  • Available for: macOS Ventura
  • Impact: An app may be able to read arbitrary files.
  • Description: An access issue was fixed by adding sandbox restrictions.
  • CVE-2023-42887: Ron Masas from BreakPoint.sh

WebKit

  • Available for: macOS Ventura
  • Impact: Processing maliciously crafted web content may lead to the execution of arbitrary code. Apple is aware of a report that this issue may have been exploited.
  • Description: A type confusion issue has been fixed through improved checks.
  • WebKit Bugzilla: 267134
  • CVE-2024-23222
Version: Ventura 13.6.4 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Apple macOS updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad