MA-918.042023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- macOS Ventura 13.3
- Safari 16.4
- Studio Display Firmware Update 16.4
- iOS 15.7.4 and iPadOS 15.7.4
- tvOS 16.4
- macOS Big Sur 11.7.5
- iOS 16.4 and iPadOS 16.4
- macOS Monterey 12.6.4
- watchOS 9.4
4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.
- macOS Ventura 13.3 : https://support.apple.com/en-us/HT213670
- Safari 16.4 : https://support.apple.com/en-us/HT213671
- Studio Display Firmware Update 16.4 : https://support.apple.com/en-us/HT213672
- iOS 15.7.4 and iPadOS 15.7.4 : https://support.apple.com/en-us/HT213673
- tvOS 16.4 : https://support.apple.com/en-us/HT213674
- macOS Big Sur 11.7.5 : https://support.apple.com/en-us/HT213675
- iOS 16.4 and iPadOS 16.4 : https://support.apple.com/en-us/HT213676
- macOS Monterey 12.6.4 : https://support.apple.com/en-us/HT213677
- watchOS 9.4 : https://support.apple.com/en-us/HT213678
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-913.032023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- Safari 16.3
- iOS 12.5.7
- macOS Monterey 12.6.3
- macOS Big Sur 11.7.3
- watchOS 9.3
- iOS 15.7.3 and iPadOS 15.7.3
- iOS 16.3 and iPadOS 16.3
- macOS Ventura 13.2
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
- Safari 16.3 : https://support.apple.com/en-us/HT213600
- iOS 12.5.7 : https://support.apple.com/en-us/HT213597
- macOS Monterey 12.6.3 : https://support.apple.com/en-us/HT213604
- macOS Big Sur 11.7.3 : https://support.apple.com/en-us/HT213603
- watchOS 9.3 : https://support.apple.com/en-us/HT213599
- iOS 15.7.3 and iPadOS 15.7.3 : https://support.apple.com/en-us/HT213598
- iOS 16.3 and iPadOS 16.3 : https://support.apple.com/en-us/HT213606
- macOS Ventura 13.2 : https://support.apple.com/en-us/HT213605
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-910.022023: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit these vulnerabilities to take control of an affected device.
3.0 Affected Products
• Safari 16.3.1
• iOS 16.3.1 and iPadOS 16.3.1
• macOS 13.2.1
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16.3.1 - https://support.apple.com/kb/HT213638
• iOS 16.3.1 and iPadOS 16.3.1 - https://support.apple.com/kb/HT213635
• macOS 13.2.1 - https://support.apple.com/kb/HT213633
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/apple-releases-security-updates-multiple-products
MA-896.122022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
- Safari 16.2
- iCloud for Windows 14.1
- macOS Monterey 12.6.2
- macOS Big Sur 11.7.2
- tvOS 16.2
- watchOS 9.2
- iOS 15.7.2 and iPadOS 15.7.2
- iOS 16.2 and iPadOS 16.2
- macOS Ventura 13.1
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible.
The Apple security updates page is available at:
https://support.apple.com/en-us/HT201222
Generally, MyCERT advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please get in touch with MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-894.122022: MyCERT Advisory - Fortinet Authentication Bypass Vulnerability
1.0 Introduction
Fortinet released a security advisory regarding the CVE-2022-40684 vulnerability that is affecting multiple Fortinet devices and services.
2.0 Impact
An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy, and FortiSwitchManager may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
3.0 Affected Products
- FortiOS version 7.2.0 through 7.2.1
- FortiOS version 7.0.0 through 7.0.6
- FortiProxy version 7.2.0
- FortiProxy version 7.0.0 through 7.0.6
- FortiSwitchManager version 7.2.0
- FortiSwitchManager version 7.0.0
- FortiOS versions 5.x, 6.x are NOT impacted.
4.0 Indicators of Compromise
Exploitation Status:
- Fortinet is aware of an instance where this vulnerability was exploited and recommends immediately validating your systems against the following indicator of compromise in the device's logs:
user="Local_Process_Access"
Please contact customer support for assistance.
- Fortinet is aware of instances where this vulnerability was exploited to download the config file from the targeted devices and to add a malicious super_admin account called "fortigate-tech-support":
# show system admin
edit "fortigate-tech-support"
set accprofile "super_admin"
set vdom "root"
set password ENC [...]
next
Please contact customer support for assistance.
Workaround:
- FortiOS:
Disable HTTP/HTTPS administrative interface
OR
Limit IP addresses that can reach the administrative interface:
config firewall address
edit "my_allowed_addresses"
set subnet <MY IP> <MY SUBNET>
end
Then create an Address Group:
config firewall addrgrp
edit "MGMT_IPs"
set member "my_allowed_addresses"
end
Create the Local in Policy to restrict access only to the predefined group on the management interface (here: port1):
config firewall local-in-policy
edit 1
set intf port1
set srcaddr "MGMT_IPs"
set dstaddr "all"
set action accept
set service HTTPS HTTP
set schedule "always"
set status enable
next
edit 2
set intf "any"
set srcaddr "all"
set dstaddr "all"
set action deny
set service HTTPS HTTP
set schedule "always"
set status enable
end
If using non-default ports, create an appropriate service object for GUI administrative access:
config firewall service custom
edit GUI_HTTPS
set tcp-portrange <admin-sport>
next
edit GUI_HTTP
set tcp-portrange <admin-port>
end
Use these objects instead of "HTTPS HTTP "in the local-in policy 1 and 2 below.
UPDATE: When using an HA reserved management interface, the local in policy needs to be configured
slightly differently - please see: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-
configure-a-local-in-policy-on-a-HA/ta-p/222005
Please contact customer support for assistance.
- FortiProxy:
Disable HTTP/HTTPS administrative interface
OR
For FortiProxy VM, all versions of FortiProxy appliance 7.0.6:
Limit IP addresses that can reach the administrative interface (here: port1):
config system interface
edit port1
set dedicated-to management
set trust-ip-1 <MY IP> <MY SUBNET>
end
Please contact customer support for assistance.
- FortiSwitchManager:
Disable HTTP/HTTPS administrative interface
Please contact customer support for assistance.
5.0 Recommendations
MyCERT recommends that customers validate their configuration to ensure that no unauthorized changes have been implemented by a malicious third party, regardless of whether they have upgraded.
MyCERT also strongly recommend system administrators follow the update steps below:
- Please upgrade to FortiOS version 7.2.2 or above
- Please upgrade to FortiOS version 7.0.7 or above
- Please upgrade to FortiProxy version 7.2.1 or above
- Please upgrade to FortiProxy version 7.0.7 or above
- Please upgrade to FortiSwitchManager version 7.2.1 or above
- Please upgrade to FortiSwitchManager version 7.0.1 or above
- Please upgrade to FortiOS version 7.0.5 B8001 or above for FG6000F and 7000E/F series platforms
Generally, MyCERT advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
MA-878.102022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
• Safari
• iOS and iPadOS
• macOS
• tvOS
• watchOS
4.0 Recommendations
MyCERT encourages users and administrators to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16.1
• iOS 16.1 and iPadOS 16
• macOS Big Sur 11.7.1
• macOS Monterey 12.6.1
• macOS Ventura 13
• tvOS 16.1
• watchOS 9.1
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
https://www.cisa.gov/uscert/ncas/current-activity/2022/10/26/apple-releases-security-updates-multiple-products
MA-860.092022: MyCERT Advisory - Apple Releases Security Updates for Multiple Products
1.0 Introduction
Recently, Apple has released security updates to address vulnerabilities in multiple products.
2.0 Impact
An attacker could exploit some of these vulnerabilities to take control of an affected device.
3.0 Affected Products
The affected Apple products are iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation).
4.0 Recommendations
Users and administrators are recommended to review the Apple security updates page for the following products and apply the necessary updates as soon as possible:
• Safari 16
• iOS 16
• macOS Monterey 12.6
• macOS Big Sur 11.7
• iOS 15.7
• iPadOS 15.7
Kindly refer to the following URL:
https://support.apple.com/en-us/HT201222
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
• https://www.cisa.gov/uscert/ncas/current-activity/2022/09/13/apple-releases-security-updates-multiple-products
• https://support.apple.com/en-us/HT201222
• https://support.apple.com/en-us/HT213442
• https://support.apple.com/en-us/HT213446
• https://support.apple.com/en-us/HT213444
• https://support.apple.com/en-us/HT213443
• https://support.apple.com/en-us/HT213445
MA-850.082022: MyCERT Advisory - Apple Releases Security Update for iOS, iPadOS, macOS and Safari
1.0 Introduction
Apple has released security updates to address vulnerabilities in iOS devices.
No. | CVE | Bug Type/Impact | Affected Devices | Severity |
1 | CVE-2022-32893 | Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited | iOS iPadOS macOS Safari | Critical |
2 | CVE-2022-32894 | An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited | iOS iPadOS macOS | Critical |
2.0 Impact
Exploitation of these vulnerabilities could potentially cause arbitrary code execution and acquiring administrative privilege which are considered as critical severity. On the unpatched devices attacker can remotely:
- Monitor any running apps
- Upload and execute apps that are not from App Store
- Access all files and folders on the device
- Change devices security settings
- Retrieve GPS location
- Take screenshots
- Use the device's cameras and take photo
- Activate and record from the microphone
- Copy messages
- Track your browsing history
and more.
3.0 Affected Products
3.1 iOS and iPadOS devices that support iOS 15 with iOS 15.6 and below version installed
- iPhone 6s and later
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later
- iPod touch (7th generation)
3.2 macOS devices that support macOS Monterey with macOS 12.5 and below version installed on these devices
- iMac - Late 2015 and later
- iMac Pro - 2017 and later
- MacBook Air - Early 2015 and later
- MacBook Pro - Early 2015 and later
- Mac Pro - Late 2013 and later
- Mac mini - Late 2014 and later
- MacBook - Early 2016 and later
3.3 Safari version 15.6 or below running on macOS Big Sur and macOS Catalina on these devices
- 2015 and earlier MacBook
- 2013 and earlier MacBook Air
- Late 2013 and earlier MacBook Pro
- 2014 and earlier iMac
- 2017 and earlier iMac Pro
- 2014 and earlier Mac mini
- 2013 and earlier Mac Pro
4.0 Recommendations
We encourage users and administrators to review the Apple security updates website and apply the necessary updates:
- Apple security updates: https://support.apple.com/en-my/HT201222
- About the security content of Safari 15.6.1: https://support.apple.com/en-my/HT213414
- About the security content of macOS Monterey 12.5.1: https://support.apple.com/en-my/HT213413
- About the security content of iOS 15.6.1 and iPadOS 15.6.1: https://support.apple.com/en-my/HT213412
To update, please refer:
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
- Update Safari and macOS on Mac: https://support.apple.com/en-my/HT201541
- Enable background updates in macOS: https://support.apple.com/en-my/HT207005
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
- Apple security updates: https://support.apple.com/en-my/HT201222
- About the security content of Safari 15.6.1: https://support.apple.com/en-my/HT213414
- About the security content of macOS Monterey 12.5.1: https://support.apple.com/en-my/HT213413
- About the security content of iOS 15.6.1 and iPadOS 15.6.1: https://support.apple.com/en-my/HT213412
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
- Update macOS on Mac: https://support.apple.com/en-my/HT201541
- About background updates in macOS: https://support.apple.com/en-my/HT207005
- Apple releases iOS 15.6.1 and macOS Monterey 12.5.1, here's what's new - https://www.xda-developers.com/ios-15-6-1-macos-12-5-1/
- Apple patches double zero-day in browser and kernel – update now! - https://nakedsecurity.sophos.com/2022/08/18/apple-patches-double-zero-day-in-browser-and-kernel-update-now/
MA-757.112019: MyCERT Advisory - iOS 13.2 and iPadOS 13.2 Security Updates
1.0 Introduction
Apple has released security updates to address vulnerabilities in iOS devices.
No. | Component | CVE | Bug Type |
1. | Account | CVE-2019-8787 | An out-of-bounds memory read where remote attacker may be able to leak memory. |
2. | App Store | CVE-2019-8803 | An authentication issue where user able to login into a previously logged in user without valid credential. |
3. | Associated Domain | CVE-2019-8788 | An issue existed in the parsing of URLs where it can lead to data exfiltration. |
4 | Audio |
CVE-2019-8785 CVE-2019-8797 |
A memory corruption issue where an application may be able to execute arbitrary code with system privileges. |
5 | AVEVideoEncoder | CVE-2019-8795 | A memory corruption issue where an application may be able to execute arbitrary code with system privileges. |
6 | Books | CVE-2019-8789 | A validation issue existed in the handling of symlinks. |
7 | Contacts | CVE-2017-7152 | An inconsistent user interface issue. |
8 | File System Events | CVE-2019-8798 | A memory corruption issue where an application may be able to execute arbitrary code with system privileges. |
9 | Graphic Driver | CVE-2019-8784 | A memory corruption issue where an application may be able to execute arbitrary code with system privileges. |
10 | Kernel | CVE-2019-8794 | A validation issue where aAn application may be able to read restricted memory. |
11 | Kernel | CVE-2019-8786 | A memory corruption issue where an application may be able to execute arbitrary code with kernel privileges. |
12 | Setup Assistant | CVE-2019-8804 | An inconsistency in Wi-Fi network configuration settings. |
13 | Screen Recording | CVE-2019-8793 | A consistency issue existed in deciding when to show the screen recording indicator. |
14 | WebKit | CVE-2019-8813 | A logic issue where browser can process maliciously crafted web content may lead to universal cross site scripting. |
15 | WebKit Process Model | CVE-2019-8815 | Multiple memory corruption issues found which attacker can use maliciously crafted web content to perform arbitrary code execution . |
In addition to above vulnerabilities, there are also additional 12 vulnerabilities associated with WebKit. These vulnerabilities only have general description where multiple memory corruption issues discovered.
No. | CVE |
1 | CVE-2019-8782 |
2 | CVE-2019-8783 |
3 | CVE-2019-8808 |
4 | CVE-2019-8811 |
5 | CVE-2019-8812 |
6 | CVE-2019-8814 |
7 | CVE-2019-8816 |
8 | CVE-2019-8819 |
9 | CVE-2019-8820 |
10 | CVE-2019-8821 |
11 | CVE-2019-8822 |
12 | CVE-2019-8823 |
2.0 Impact
Exploitation of these vulnerabilities could potentially cause data leak and remote code execution which considered as high severity. Some may cause the unpatched devices to terminate running processes or even freeze up.
3.0 Affected Products
iOS and iPadOS Devices that support iOS 13/ iPadOS 13 with iOS 13.1.3/ iPadOS 13.1.3 and below version installed
- iPhone 6s and later.
- iPad Air 2 and later.
- iPad mini 4 and later.
- iPod touch 7th generation.
4.0 Recommendations
We encourage users and administrators to review the Apple security updates website and apply the necessary updates:
- Apple security updates: https://support.apple.com/en-my/HT201222
- About the security content of iOS 13.2 and iPadOS 13.2: https://support.apple.com/en-my/HT210721
To update your iOS devices, please refer:
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Fax: +603 - 8008 7000 (Office Hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS: CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
- https://support.apple.com/en-my/HT210721
MA-749.102019: MyCERT Alert - Security Update For iOS 12.4.2
1.0 Introduction
Apple has released security updates to address vulnerabilities in iOS devices.
2.0 Impact
Exploitation of these vulnerabilities could potentially cause data leak and arbitrary code execution in iMessage which consider as high severity. Some may cause the unpatched devices to terminate running processes or even freeze up.
This is especially dangerous to iOS devices that are not eligible to get iOS 13.1 update where the problem already mitigated.
3.0 Affected System and Devices
iOS Devices released in 2014 and earlier that support iOS 12 until iOS 12.4.1 and did not get update to iOS 13.1:
- iPhone 5s, iPhone 6, iPhone 6 Plus.
- iPad Air, iPad mini 2, iPad mini 3.
- iPod touch 6th generation.
4.0 Recommendations
We encourage users and administrators that still used iPhone, iPod and iPad that didn’t eligible to receive latest update to iOS 13.1 to review the Apple security updates website and apply the necessary updates:
- Apple security updates: https://support.apple.com/en-my/HT201222
- About the security content of iOS 12.4.2: https://support.apple.com/en-us/HT210590
To update your iOS devices, please refer:
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact MyCERT through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Fax: +603 - 8008 7000 (Office Hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
SMS: CYBER999 REPORT EMAIL COMPLAINT to 15888
Business Hours: Mon - Fri 09:00 -18:00 MYT
Web: https://www.mycert.org.my
Twitter: https://twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my
5.0 References
- Apple security updates: https://support.apple.com/en-my/HT201222
- About the security content of iOS 12.4.2: https://support.apple.com/en-us/HT210590
- Update your iPhone, iPad, or iPod touch: https://support.apple.com/en-my/HT204204
- Google’s Project Zero (CVE-2019-8641): https://bugs.chromium.org/p/project-zero/issues/detail?id=1881
- The Fully Remote Attack Surface of the iPhone: https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html