Apple veröffentlicht Security Update 2015-003

Apple hat mal wieder ein Sicherheitsupdate für 10.10.2 veröffentlicht. Hier die Fixes:

  • iCloud Keychain

Available for: OS X Yosemite v10.10.2

Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.

CVE-ID CVE-2015-1065 : Andrey Belenko of NowSecure

  • IOSurface

Available for: OS X Yosemite v10.10.2

Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.

CVE-ID CVE-2015-1061 : Ian Beer of Google Project Zero

  Gefällt mir

Schreibe einen Kommentar