After over two months of being in beta, Apple has finally released its latest bug fix updates to the public, including iOS 10.3.3, macOS 10.12.6 Sierra, watchOS 3.2.3, and tvOS 10.2.2. As the version numbers indicate, there are no new front-facing features.
There are, however, quite a few security fixes. iOS 10.3.3 includes various fixes for WebKit, including memory corruption issues that "may lead to arbitrary code execution", along with Kernel vulnerabilities that could allow an attacker to execute code with system or kernel priviledges. It also includes fixes for Contacts, CoreAudio, EventKitUI, IOUSBFamily, libarchive, libxml2, libxpc, Messages, Notifications, Safari, Safari Printing, Telephony, and Wi-Fi.
macOS 10.12.6 Sierra contains a similar-length list of security fixes, some of which are the same, such as a CoreAudio memory corruption issue that could allow a malicious movie file to execute code. It also includes fixes for afclip, AppleGraphicsPowerManagement, Audio, Bluetooth, Contacts, curl, Foundation, Intel Graphics Driver, IOUSBFamily, Kernel (five security fixes), kext tools, libarchive, libxml2, libxpc, and Wi-Fi. There are also a number of WebKit fixes for Safari 10.1.2, which is also available for older versions of the OS.
Next up is watchOS 3.2.3, which only has 10 security fixes listed, three of which have to do with the Kernel. The rest are Contacts, IOUSBFamily, libarchive, libxml2, libxpc, Messages, and Wi-Fi. Finally, tvOS 10.2.2 has 15 security fixes, including three Kernel and four WebKit vulnerabilities, the rest of which have to do with Contacts, CoreAudio, IOUSBFamily, libarchive, libxml2, libxpc, and Wi-Fi. Obviously, there is a lot of overlap between these changelogs.
3 Comments - Add comment