Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / Security Update for Apple Devices
Security Patch Alert: Time To Update Your Apple Devices
Security Patch Alert: Time To Update Your Apple Devices
By Jef Cozza / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
16
2017
Tech giant Apple released multiple security upgrades yesterday for its iOS, watchOS, tvOS, and macOS systems, addressing dozens of security bugs across its devices. The iOS update fixes 41 security flaws, including some that could potentially allow a remote attacker to execute malicious code on an Apple mobile device.

The update seems to be well-timed, as most of the world is still reeling from the latest ransomeware pandemic that has been racing across the globe since late last week. While the ransomeware attack targets Windows systems, Mac users are likely to feel a little safer knowing they have the most recent security patches installed.

Mostly Security Fixes

Apple attributed almost half of the bug discoveries to Project Zero, Google's internal security and bug-hunting initiative. The most significant patch Apple released yesterday is for the macOS. The update includes several fixes to the operating systems kernel, some of which address security vulnerabilities that would allow an application to gain access to kernel privileges as well as execute arbitrary code with kernel privileges.

The iBooks application received several fixes for bugs that would have, among other things, allowed a maliciously crafted book to open Web sites on its own without user permission. Meanwhile SQLite, a relational database management system, received four separate patches for issues that could have given an attacker remote access to a user's device.

Apple's mobile operating system, iOS, also received a major security upgrade. Several of the fixes relate to similar problems as those addressed in the macOS patch, such as the SQLite vulnerabilities, and kernel and iBooks bugs. Another major component of the OS that was patched was WebKit, a component that helps power the Safari browser.

No New Functionality, But Some Glitches Fixed

The watchOS update includes improvements and bug fixes while the tvOS update provides bug fixes and other enhancements to the fourth-generation Apple TV.

WebKit received a whopping eight patches, including several that would have permitted hackers to attack a user's device through malicious Web content. The upgrade also changes the way Wi-Fi network credentials are handled to prevent having a person's username and password stolen when accessing a malicious hotspot.

The security fixes will likely be the foremost in users’ minds as they rush to update their devices, but they are not the only changes Apple rolled out yesterday. While the upgrades do not appear to include any major new functionality, they do address several performance issues that should make the user experience a bit more pleasant.

On the Macintosh platform that includes a fix for the problem where audio may stutter when played through USB headphones. The update fixes an issue affecting some enterprise and education clients that may cause the system date to be set to 2040, and also prevents a potential kernel panic from occurring when starting up from a NetInstall image. All of the updates can be downloaded over the air.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Ed.:
Posted: 2017-05-16 @ 5:07pm PT
@Patricia: Those calls are NOT legit. Scammers call unsuspecting Apple users, telling them their iCloud account has been hacked. The caller claims to be from Apple's Support team, but is just trying to hack your account. DO NOT give out any info. You are smart to be cautious and concerned.

Rayna:
Posted: 2017-05-16 @ 5:02pm PT
@Patricia: They are probably not legitimate calls.

Patricia S:
Posted: 2017-05-16 @ 4:59pm PT
I have received 3 phone calls regarding apple security but have not responded to them. Are these calls the real thing or am I being hoodwinked?

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.