Via: ZDNet
“Apple has squashed dozens of security bugs in its latest releases of its iPhone, iPad, and Mac operating systems.
The Cupertino, Calif.-based company rolled out 23 security fixes in iOS 10.3.2 and another 30 fixes in macOS 10.12.5, both of which were released on Monday.
Among the bugs, two bugs in iBooks for iOS could allow an attacker to arbitrarily open websites and execute malicious code at the kernel level. Over a dozen flaws were found in WebKit, which renders websites and pages on iPhones and iPads, that could allow several kinds of cross-site scripting (XSS) attacks.
A separate flaw in iBooks for macOS desktops and notebooks could allow an application to escape its secure sandbox, a technology used to prevent data loss or theft in the case of an app compromise.
Almost half of the bugs found were attributed to Google’s Project Zero, the search giant’s in-house vulnerability-finding and security team.
One of the iOS bugs credited to Synack security researcher Patrick Wardle described a kernel flaw in which a malicious application could read restricted memory, such as passwords or hashes.
In a blog post last month, Wardle explained how he found the zero-day flaw following a supposed fix in an earlier version of macOS 10.12. He said that Apple’s patch “did not fix the kernel panic” and worse, “introduced a kernel info leak, that could leak sensitive information” that could bypass the operating system’s security feature that randomizes the kernel’s memory address locations.
In an email, Wardle admitted he “didn’t realize it affected iOS too.”
Patches are available through the usual automatic update channels.”