[Nov 1, 2018]
Just in time for Halloween, Apple patches its operating systems for a series of critical flaws, including a set of FaceTime issues that could have potentially enabled attackers to launch an unauthorized call.
While much of the focus on Oct. 30 for Apple was on the company’s refreshed product launches for MacBook Air, Mini and iPad, Apple also released a series of critical security updates.
Among the updated releases are macOS Mojave 10.14.1, iOS 12.1 and watchOS 5.1, fixing high-impact flaws that include remote code execution issues that could potentially enable attackers to take over unpatched devices.
Code security vendor Semmle reported six of the remote code execution issues that were found in the XNU operating system kernel that is at core of Apple’s devices.
The vulnerabilities allow an attacker to mount a maliciously-crafted NFS volume to gain kernel-level privileges
Cyber Security Tips:
- Users and administrators are recommended to review the Apple security pages for the following products and apply the necessary updates:
- Safari 12.0.1
- iCloud for Windows 7.8
- iTunes 12.9.1
- watchOS 5.1
- iOS 12.1
- tvOS 12.1
- macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra