MA-970.092023: MyCERT Advisory - Apple Releases Security Updates for iOS and macOS
1.0 Introduction
Recently, Apple has released security updates to address a vulnerability in multiple products.
2.0 Impact
A cyber threat actor could exploit this vulnerability to take control of an affected device.
3.0 Affected Products
4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.
Kindly refer to the following:
- https://support.apple.com/en-us/HT213913
- https://support.apple.com/en-us/HT213914
- https://support.apple.com/en-us/HT213915
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
https://www.cisa.gov/news-events/alerts/2023/09/12/apple-releases-security-updates-ios-and-macos
MA-947.062023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device:
- CVE-2023-32434: An integer overflow vulnerability in the Kernel that could be exploited by a malicious app to execute arbitrary code with kernel privileges.
- CVE-2023-32435: A memory corruption vulnerability in WebKit that could lead to arbitrary code execution when processing specially crafted web content.
3.0 Affected Products
- watchOS 8.8.1 - Apple Watch Series 3, Series 4, Series 5, Series 6, Series 7, and SE
- macOS Big Sur 11.7.8
- macOS Monterey 12.6.7
- iOS 15.7.7 and iPadOS 15.7.7 - iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later
- watchOS 9.5.2 -Apple Watch Series 4 and later
- macOS Ventura 13.4.1
- iOS 16.5.1 and iPadOS 16.5.1 - iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)
4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.
Kindly refer to the following URLs:
- watchOS 8.8.1 : https://support.apple.com/en-my/HT213808
- macOS Big Sur 11.7.8 : https://support.apple.com/en-my/HT213809
- macOS Monterey 12.6.7 : https://support.apple.com/en-my/HT213810
- iOS 15.7.7 and iPadOS 15.7.7 : https://support.apple.com/en-my/HT213811
- watchOS 9.5.2 : https://support.apple.com/en-my/HT213812
- macOS Ventura 13.4.1 : https://support.apple.com/en-my/HT213813
- iOS 16.5.1 and iPadOS 16.5.1 : https://support.apple.com/en-my/HT213814
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
To update, please refer:
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
- Update Safari and macOS on Mac: https://support.apple.com/en-my/HT201541
- Enable background updates in macOS: https://support.apple.com/en-my/HT207005
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
- https://www.cisa.gov/news-events/alerts/2023/06/22/apple-releases-security-updates-multiple-products
- https://thehackernews.com/2023/06/zero-day-alert-apple-releases-patches.html?m=1
- https://nvd.nist.gov/vuln/detail/CVE-2023-32434
- https://nvd.nist.gov/vuln/detail/CVE-2023-32435
- https://support.apple.com/en-my/HT201222
MA-918.042023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- macOS Ventura 13.3
- Safari 16.4
- Studio Display Firmware Update 16.4
- iOS 15.7.4 and iPadOS 15.7.4
- tvOS 16.4
- macOS Big Sur 11.7.5
- iOS 16.4 and iPadOS 16.4
- macOS Monterey 12.6.4
- watchOS 9.4
4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.
- macOS Ventura 13.3 : https://support.apple.com/en-us/HT213670
- Safari 16.4 : https://support.apple.com/en-us/HT213671
- Studio Display Firmware Update 16.4 : https://support.apple.com/en-us/HT213672
- iOS 15.7.4 and iPadOS 15.7.4 : https://support.apple.com/en-us/HT213673
- tvOS 16.4 : https://support.apple.com/en-us/HT213674
- macOS Big Sur 11.7.5 : https://support.apple.com/en-us/HT213675
- iOS 16.4 and iPadOS 16.4 : https://support.apple.com/en-us/HT213676
- macOS Monterey 12.6.4 : https://support.apple.com/en-us/HT213677
- watchOS 9.4 : https://support.apple.com/en-us/HT213678
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-913.032023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- Safari 16.3
- iOS 12.5.7
- macOS Monterey 12.6.3
- macOS Big Sur 11.7.3
- watchOS 9.3
- iOS 15.7.3 and iPadOS 15.7.3
- iOS 16.3 and iPadOS 16.3
- macOS Ventura 13.2
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
- Safari 16.3 : https://support.apple.com/en-us/HT213600
- iOS 12.5.7 : https://support.apple.com/en-us/HT213597
- macOS Monterey 12.6.3 : https://support.apple.com/en-us/HT213604
- macOS Big Sur 11.7.3 : https://support.apple.com/en-us/HT213603
- watchOS 9.3 : https://support.apple.com/en-us/HT213599
- iOS 15.7.3 and iPadOS 15.7.3 : https://support.apple.com/en-us/HT213598
- iOS 16.3 and iPadOS 16.3 : https://support.apple.com/en-us/HT213606
- macOS Ventura 13.2 : https://support.apple.com/en-us/HT213605
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-910.022023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit these vulnerabilities to take control of an affected device.
3.0 Affected Products
• Safari 16.3.1
• iOS 16.3.1 and iPadOS 16.3.1
• macOS 13.2.1
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16.3.1 - https://support.apple.com/kb/HT213638
• iOS 16.3.1 and iPadOS 16.3.1 - https://support.apple.com/kb/HT213635
• macOS 13.2.1 - https://support.apple.com/kb/HT213633
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/apple-releases-security-updates-multiple-products
MA-896.122022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- Safari 16.2
- iCloud for Windows 14.1
- macOS Monterey 12.6.2
- macOS Big Sur 11.7.2
- tvOS 16.2
- watchOS 9.2
- iOS 15.7.2 and iPadOS 15.7.2
- iOS 16.2 and iPadOS 16.2
- macOS Ventura 13.1
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible.
The Apple security updates page is available at:
https://support.apple.com/en-us/HT201222
Generally, MyCERT advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please get in touch with MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-885.112022: MyCERT Advisory - Apple Releases Security Update for Xcode
1.0 Introduction
Recently, Apple has released a security update to address vulnerabilities in Xcode.
2.0 Impact
A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
3.0 Affected Products
Apple Xcode
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security page for Xcode 14.1 and apply the necessary update.
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-878.102022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
• Safari
• iOS and iPadOS
• macOS
• tvOS
• watchOS
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16.1
• iOS 16.1 and iPadOS 16
• macOS Big Sur 11.7.1
• macOS Monterey 12.6.1
• macOS Ventura 13
• tvOS 16.1
• watchOS 9.1
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/26/apple-releases-security-updates-multiple-products
MA-860.092022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
The affected Apple products are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
4.0 Recommendations
Users and administrators are recommended to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16
• iOS 16
• macOS Monterey 12.6
• macOS Big Sur 11.7
• iOS 15.7
• iPadOS 15.7
Kindly refer to the following URL:
https://support.apple.com/en-us/HT201222
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
• https://www.cisa.gov/uscert/ncas/current-activity/2022/09/13/apple-releases-security-updates-multiple-products
• https://support.apple.com/en-us/HT201222
• https://support.apple.com/en-us/HT213442
• https://support.apple.com/en-us/HT213446
• https://support.apple.com/en-us/HT213444
• https://support.apple.com/en-us/HT213443
• https://support.apple.com/en-us/HT213445
MA-855.092022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address a vulnerability (CVE-2022-32893) in iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
2.0 Impact
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
3.0 Affected Product
The affected Apple product are iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation)
4.0 Recommendations
Users and administrators are recommended to review Apple’s advisory HT213428 and apply necessary updates. Kindly refer to the below URLs:
https://support.apple.com/en-us/HT213428
https://support.apple.com/en-us/HT201222
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
• https://www.cisa.gov/uscert/ncas/current-activity/2022/09/01/apple-releases-security-updates-multiple-products
• https://support.apple.com/en-us/HT213428
• https://support.apple.com/en-us/HT201222
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32893