An issue exists in certain Apple products. iOS prior to 11.2.5 is affected. tvOS prior to 11.2.5 is affected. watchOS prior to 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple apple tv |
||
apple watchos |
Meanwhile, HomePod inches closer to actually shipping, allegedly
Apple has released security patches for iOS and macOS that include, among other things, Meltdown and Spectre fixes. The new versions should be installed as soon as possible. On macOS, the update will be delivered as High Sierra 10.13.3 or Security Update 2018-001 for Sierra and El Capitan machines. Headlining the security update is a patch for CVE-2017-5754, better known as Meltdown. The Intel processor bug allows malicious code to potentially read sensitive data and personal information, such a...