TTCSIRT-046.092617: TT-CSIRT Advisory – Apple Security Updates

TTCSIRT-046.092617: TT-CSIRT Advisory – Apple Security Updates

Multiple vulnerabilities have been discovered in watchOS, iOS, tvOS, Xcode, and Safari. The most severe of these vulnerabilities could allow for arbitrary code execution. Details of these vulnerabilities are as follows:

a) An ssh:// URL scheme handling issue was addressed through improved input validation (CVE-2017-1000117)

b) Multiple memory corruption issues were addressed with improved memory handling (CVE-2017-7076, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137)

c) An input validation issue was addressed through improved input validation (CVE-2017-9800)

d) An inconsistent user interface issue was addressed with improved state management (CVE-2017-7085, CVE-2017-7106)

e) A logic issue existed in the handling of the parent-tab. This issue was addressed with improved state management (CVE-2017-7089)

f) A validation issue existed in AutoDiscover V1. This issue was addressed through requiring TLS (CVE-2017-7088)

g) Multiple denial of service issues were addressed through improved memory handling (CVE-2017-7072)

h) A memory corruption issue was addressed with improved validation (CVE-2017-7097)

i) A denial of service issue was addressed through improved validation (CVE-2017-7118)

j) A permissions issue existed. This issue was addressed with improved permission validation (CVE-2017-7133)

k) Multiple memory corruption issues were addressed with improved memory handling (CVE-2017-7103, CVE-2017-7105, CVE-2017-7108, CVE-2017-7110, CVE-2017-7112)

l) Multiple race conditions were addressed with improved validation (CVE-2017-7115)

m) A validation issue was addressed with improved input sanitization (CVE-2017-7116)

Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution within the context of the application, an attacker gaining the same privileges as the logged-on user, or the bypassing of security restrictions. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Further information on these vulnerabilities and how they can be fixed can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution-13/