SIGforum
Apple Releases Updates to Fix Three Zero-Day Vulnerabilities (ALL Apple Platforms)

This topic can be found at:
https://sigforum.com/eve/forums/a/tpc/f/320601935/m/2490042284

May 25, 2021, 05:19 PM
ensigmatic
Apple Releases Updates to Fix Three Zero-Day Vulnerabilities (ALL Apple Platforms)
From one of my computer and network security newsletters...
quote:

Apple Releases Updates to Fix Three Zero-Days
(May 24, 2021)
Apple released updates to macOS 11.4, 10.15, 10.14; iOS and iPadOS 14.6; watchOS 7.5 and tvOS 14.6 to address three zero day vulnerabilities hackers exploited in the wild.  The XCSSET malware exploited the weakness in CVE-2021-30713 to bypass macOS privacy protections while CVE-2021-30663 and CVE-2021-30665 impact WebKit on Apple TV 4K and Apple TV HD devices. Zero-day vulnerabilities have been showing up more in Apple’s security advisories, often tagged as exploited prior to fixes being released.

N.B.: These are being actively exploited in the wild!

Related articles:
- https://support.apple.com/en-us/HT201222
- https://support.apple.com/en-us/HT212529
- https://support.apple.com/en-us/HT212532
- https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/
- https://www.bleepingcomputer.com/news/security/apple-fixes-three-zero-days-one-abused-by-xcsset-macos-malware/
- https://www.theregister.com/2021/05/24/ios_macos_patches/
- https://arstechnica.com/gadgets/2021/05/hackers-exploit-a-macos-0day-that-allows-them-to-screenshot-infected-macs/


"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
May 25, 2021, 11:49 PM
Prefontaine
Thanks. Updated everything tonight.


What am I doing? I'm talking to an empty telephone
May 26, 2021, 05:32 AM
CQB60
Thanks for the FYI Smile


______________________________________________
Life is short. It’s shorter with the wrong gun…
May 26, 2021, 11:31 AM
ensigmatic
Y'all are welcome Smile


"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
May 26, 2021, 03:24 PM
911Boss
Mac, iPad, iPhone, Watch all updated...





What part of "...Shall not be infringed" don't you understand???

May 26, 2021, 06:12 PM
NOCkid
Thanks, updating right now.
May 29, 2021, 09:31 AM
ensigmatic
I'm going to give this one last bump, for the weekend crowd. (Normally would not do this, but this round of updates appears to be pretty critical.)


"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
May 29, 2021, 11:47 AM
BB61
Thanks. We are doing the computers and iPad right now.


__________________________