A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple icloud |
||
apple itunes |
||
apple safari |
||
apple ipados |
||
apple iphone os |
||
apple tvos |
||
apple watchos |
Patch Thursday is for you, Patch Tuesday is for everyone else Apple promises third, no, fourth, er, fifth time's a charm when it comes to macOS Catalina: 10.15.5 now out
Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can. For Safari, there are nine CVE-listed patches in version 13.1.1. Six address malicious code execution (CVE-2020-9802, CVE-2020-9800, CVE-2020-9806, CVE-2020-9807, CVE-2020-9850, CVE-2020-9803) that can be achieved by opening a booby-trapped webpage or similar. These were found separately by Samuel Groß of Google Project Zero; Brendan Draper workin...