Navigation
Recherche
|
Here’s why Apple released iOS 17.4.1 last week
mardi 26 mars 2024, 12:15 , par Macworld UK
Macworld
When Apple released iOS 17.4.1 last week, it only provided the vaguest of descriptions, saying the update contains “important bug fixes and security updates and is recommended for all users.” Even the security update page, which provides details on which flaws were patched, was conspicuously blank. On Monday, however, we found out why. Apple released macOS Sonoma 14.4.1, which contains several important bug fixes for nagging issues affecting Mac users, and published the CVE (common vulnerabilities and exposures) entries for a pair of critical issues. Apple also updated the iOS 17.4.1 page with the same patches, as well as visionOS 1.1.1 and macOS Ventura 13.6.6. Here is how Apple describes them: CoreMedia Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero WebRTC Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero Additionally, the Safari 17.4.1 update includes the WebRTC fix but not the CoreMedia one. Apple didn’t say it was aware of the flaw being seen in the wild, so it’s important to patch it before hackers have a chance to exploit it. To update your iPhone, head over to Settings, then General and Software Update, select Update Now, and follow the prompts. Apple is expected to release the first iOS 17.5 beta soon, possibly as early as this week. iOS
https://www.macworld.com/article/2279264/ios-17-4-1-security-updates-coremedia-webrtc-patches.html
|
59 sources (15 en français)
Date Actuelle
ven. 22 nov. - 22:17 CET
|