At the same time as home windows customers are currently in worry of getting their systems hijacked by the WannaCry ransomware outbreak, Apple users are sitting comfortable, wondering that malware attacks are some thing that happens to windows customers, and not Apple.
but you are incorrect – Apple products are also no longer immune to the hack attacks and malware infections, as an e-book can hack your Mac, iPhone, and iPad.
Apple on Monday pushed out software program updates for iOS, macOS, Safari, tvOS, iCloud, iTunes, and watchOS to repair a total of sixty seven particular protection vulnerabilities, a lot of which allows attackers to carry out remote code execution on an affected gadget.
iOS is 10.3.2 for iPhone, iPad, and iPod
Apple’s cell working device iOS 10.3.2 for the iPhone, iPad and iPod touch addresses forty one security flaws, 23 of which is living in WebKit, such as 17 remote code execution and 5 cross-web page scripting (XSS) vulnerabilities.
besides this, iOS 10.3.2 also addresses a couple of flaws in iBooks for iOS (CVE-2017-2497, CVE-2017-6981) that would allow e-books to open arbitrary web sites and execute malicious code with root privileges.
other flaws addressed in iOS 10.3.2 include a memory corruption problem in AVE Video Encoder that could permit a malicious software to advantage kernel-stage privileges, and a certificates validation issue inside the certificates believe policy for handling of untrusted certificate.
Apple users can deploy iOS 10.three.2 by way of connecting their iOS gadgets to iTunes or downloading it directly through going to the Settings → standard → software program update.
macOS Sierra 10.12.five for El Capitan and Yosemite
Apple’s Mac working gadget macOS Sierra 10.12.five addresses a total of 37 vulnerabilities, including a couple of insects in iBook that permit the execution of arbitrary code with root privileges, and a separate bug in iBook that permits an utility to break out its secure sandbox.
other flaws addressed in macOS Sierra 10.12.5 consist of a wi-fi networking difficulty that allows the theft of network credentials, elevation of privilege insects in each the Intel and Nvidia pix drivers, and 4 distinctive arbitrary code execution flaws in SQLite.
Mac customers can down load the update via the App save → Updates. instead, macOS Sierra users may be download Sierra 10.12.5 as a stand-alone update, OS X El Capitan customers can down load the update right here, and OS X Yosemite customers can get the security replace right here.
Safari 10.1.1 for Apple Browser
Safari 10.1.1 addresses a total of 26 security troubles, 23 of which resides in WebKit, lots of that are additionally patched in the iOS 10.three.2.
rest three vulnerabilities are patched within the Safari browser itself.
The Safari 10.1.1 update can be downloaded by way of going to the App store → Updates on El Capitan and Yosemite structures.
watchOS 3.2.2 for Apple Watch
Apple Watch customers should set up watchOS 3.2.2 that patches a total of 12 protection vulnerabilities, four of which could be utilized by attackers to execute remote code execution on the affected tool.
customers of Apple Watch can download watchOS 3.2.2 by way of connecting their watch to its charger, and starting the Apple Watch app → My Watch tab → well known → software program replace on their iPhone.
tvOS 10.2.1 for Apple tv
Apple has also released tvOS 10.2.1 to patch a complete of 23 vulnerabilities, 12 of which is living in WebKit engine that would allow an attacker to carry out move-website scripting and far flung code execution attacks on a target tool.
The tvOS 10.2.1 update can be downloaded at once from the Apple television through going to Settings → machine → update software program.
iTunes 12.6.1 for windows and iCloud for windows 6.2.1
in the meantime, Apple additionally launched patches for windows users the use of iTunes and iCloud. both iTunes 12.6.1 and iCloud 6.2.1 patches a single remote code execution bug in WebKit for windows 7 and later.
Apple customers are advocated to update all their working systems for Apple merchandise and Safari as soon as feasible before cyber criminals exploited them. Patches are to be had thru computerized updates.
THIS IS AN ARCHIVED POST CREATED BACK IN 2017 NOT BY CURRENT WRITERS/STAFF/BRAND