Apple Releases macOS Sierra 10.12.1 and More with Security Fixes
Posted on
by
Jay Vrijenhoek
Today, Apple released software updates with security fixes for just about all of its products: macOS, iOS, watchOS, tvOS and Safari. Apple’s security updates are available for all Apple Watch models, iPhone 5 and later, iPad (4th generation and later), iPod touch (6th generation and later), Apple TV (4th generation), OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12.
One of the best things you can do to secure your computer is to keep your software up to date, because software vulnerabilities tend to be the easiest point of entry for hackers to circumvent your defenses. For this reason alone, it’s imperative to update the software on your Mac, your iOS devices, Apple TV and on your Apple Watch. Below is a list of issues addressed in Apple’s latest security updates, along with directions on where to obtain the updates.
macOS 10.12.1
Listed as an update that improves stability, compatibility and security it addresses the following:
- Adds an automatic smart album in Photos for Depth Effect images taken on iPhone 7 Plus.
- Improves the compatibility of Microsoft Office when using iCloud Desktop and Documents.
- Fixes an issue that may prevent Mail from updating when using a Microsoft Exchange account.
- Fixes an issue that caused text to sometimes paste incorrectly when using Universal Clipboard.
- Improves reliability of Auto Unlock with Apple Watch.
- Improves security and stability in Safari.
- Fixes an issue that may cause Mail to display unnecessary password prompts for AOL accounts.
- Improves compatibility with Fujitsu’s ScanSnap scanning software.
- Addresses a “Filter Failed” error when printing to some Canon printers.
- Fixes an issue that may prevent Grapher files from opening.
- Brings back the Safari option to “never use font sizes smaller than” for displaying fonts on webpages.
There are also 16 security fixes included. Most notable are patches to security where a local attacker may have been able to observe the length of a login password upon login, the CoreGraphics and ImageIO where viewing or parsing a maliciously crafted JPEG or PDF file may have lead to arbitrary code execution. FontParser also received a patch to prevent the disclosure of sensitive user information if a maliciously crafted font was parsed. FaceTime also received a patch to prevent an attacker in a privileged network position to cause a relayed call to continue transmitting audio while appearing as if the call terminated. The Safari 10.0.1 update is wrapped into this Sierra update as well. The full list of security fixes can be seen below or by visiting the Apple website.
Click here to see the full list of macOS Sierra 10.12.1 security fixesmacOS Sierra 10.12.1
Released October 24, 2016
AppleGraphicsControl
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved lock state checking.
CVE-2016-4662: Apple
AppleSMC
Available for: macOS Sierra 10.12
Impact: A local user may be able to elevate privileges
Description: A null pointer dereference was addressed through improved locking.
CVE-2016-4678: daybreaker@Minionz working with Trend Micro’s Zero Day Initiative
ATS
Available for: macOS Sierra 10.12
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4667: Simmon Huang of alipay, [email protected], Moony Li of Trend Micro, @Flyic
ATS
Available for: macOS Sierra 10.12
Impact: A local user may be able to execute arbitrary code with additional privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4674: Shrek_wzw of Qihoo 360 Nirvan Team
CFNetwork Proxies
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to leak sensitive user information
Description: A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts.
CVE-2016-7579: Jerry Decime
CoreGraphics
Available for: macOS Sierra 10.12
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
FaceTime
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated
Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic.
CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com
FontParser
Available for: macOS Sierra 10.12
Impact: Parsing a maliciously crafted font may disclose sensitive user information
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2016-4660: Ke Liu of Tencent’s Xuanwu Lab
ImageIO
Available for: OS X El Capitan v10.11.6
Impact: Parsing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed through improved bounds checking.
CVE-2016-4671: Ke Liu of Tencent’s Xuanwu Lab, Juwei Lin (@fuzzerDOTcn)
ImageIO
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: Processing a maliciously crafted image may result in the disclosure of process memory
Description: An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.
CVE-2016-4682: Ke Liu of Tencent’s Xuanwu Lab
libarchive
Available for: macOS Sierra 10.12
Impact: A malicious archive may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.
CVE-2016-4679: Omer Medan of enSilo Ltd
libxpc
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12
Impact: An application may be able to execute arbitrary code with root privileges
Description: A logic issue was addressed through additional restrictions.
CVE-2016-4675: Ian Beer of Google Project Zero
ntfs
Available for: macOS Sierra 10.12
Impact: An application may be able to cause a denial of service
Description: An issue existed in the parsing of disk images. This issue was addressed through improved validation.
CVE-2016-4661: Recurity Labs on behalf of BSI (German Federal Office for Information Security)
NVIDIA Graphics Drivers
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to cause a denial of service
Description: A memory corruption issue was addressed through improved input validation.
CVE-2016-4663: Apple
Security
Available for: macOS Sierra 10.12
Impact: A local attacker can observe the length of a login password when a user logs in
Description: A logging issue existed in the handling of passwords. This issue was addressed by removing password length logging.
CVE-2016-4670: an anonymous researcher
System Boot
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation.
CVE-2016-4669: Ian Beer of Google Project Zero
The update can be downloaded by going to the App Store > Updates tab.
Note that Security Update 2016-002 10.11.6 was also released today for El Capitan users and Security Update 2016-006 10.10.5 for Yosemite users. The list of vulnerabilities these updates addressed have been listed on the Sierra 10.12.1 security content page.
These Security Updates can be downloaded through the download links above or the App Store via the Updates tab.
iOS 10.1
Listed as an update that includes Portrait Camera for iPhone 7 Plus (beta), transit directions for Japan, stability improvements and bug fixes. The list of improvements is lengthy and can be read here. As for security related fixes, there were a total of 13. Most of the same issues that were found in macOS were addressed in iOS as well, including the Security, CoreGraphics, ImageIO and FontParser vulnerabilities. For iOS specifically, two Sandbox Profiles vulnerabilities were addressed to prevent an application from being able to retrieve metadata of photo directories and audio recording directories. The full list of security fixes can be seen below or by visiting the Apple website.
Click here to see the full list of iOS 10.1 security fixesiOS 10.1
Released October 24, 2016
CFNetwork Proxies
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker in a privileged network position may be able to leak sensitive user information
Description: A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts.
CVE-2016-7579: Jerry Decime
Contacts
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to maintain access to the Address Book after access is revoked in Settings
Description: An access control issue in the Address Book was addressed through improved file-link validation.
CVE-2016-4686: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)
CoreGraphics
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
FaceTime
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated
Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved FaceTime display logic.
CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com
FontParser
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: Parsing a maliciously crafted font may disclose sensitive user information
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2016-4660: Ke Liu of Tencent’s Xuanwu Lab
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to disclose kernel memory
Description: A validation issue was addressed through improved input sanitization.
CVE-2016-4680: Max Bazaliy of Lookout and in7egral
libarchive
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: A malicious archive may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.
CVE-2016-4679: Omer Medan of enSilo Ltd
libxpc
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to execute arbitrary code with root privileges
Description: A logic issue was addressed through additional restrictions.
CVE-2016-4675: Ian Beer of Google Project Zero
Sandbox Profiles
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to retrieve metadata of photo directories
Description: An access issue was addressed through additional sandbox restrictions on third party applications.
CVE-2016-4664: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)
Sandbox Profiles
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: An application may be able to retrieve metadata of audio recording directories
Description: An access issue was addressed through additional sandbox restrictions on third party applications.
CVE-2016-4665: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)
Security
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: A local attacker can observe the length of a login password when a user logs in
Description: A logging issue existed in the handling of passwords. This issue was addressed by removing password length logging.
CVE-2016-4670: an anonymous researcher
System Boot
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation.
CVE-2016-4669: Ian Beer of Google Project Zero
WebKit
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed through improved memory handling.
CVE-2016-4677: Anonymous working with Trend Micro Zero Day Initiative
