Government of the Republic of Trinidad and Tobago                                                                                                                                        


News

TTCSIRT-197.012319: TT-CSIRT Advisory – Apple Security Updates

23rd January 2019

Apple has released a security update stating that the following vulnerabilities were patched in iCloud, Safari, watchOS, tvOS, Mojave, High Sierra, Sierra, and iOS:

a) A buffer overflow issue was addressed with improved memory handling – (CVE-2019-6224).

b) A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation – (CVE-2019-6228).

c) An out-of-bounds read issue existed that led to the disclosure of memory. This was addressed with improved input validation – (CVE-2019-6209).

d) Multiple type confusion issues were addressed with improved memory handling – (CVE-2019-6214, CVE-2019-6215).

e) A memory consumption issue was addressed with improved memory handling – (CVE-2018-4452).

Further information on these vulnerabilities and how they can be mitigated can be found on the Apple Website at https://support.apple.com/en-us/HT209443