Apple medicine

Apple has released security updates this week for seven products —macOS, iOS, watchOS, iTunes for Windows, tvOS, iCloud for Windows, and Safari.

Out of all the vulnerabilities patched this week, two stand out, mainly because they affect the kernels of macOS, iOS, watchOS, and tvOS alike.

Two vulnerabilities stand out

The vulnerabilities are CVE-2018-4241 and CVE-2018-4243, both discovered by Google security engineer Ian Beer. Neither Beer nor Apple have released expansive details about these two bugs.

Both issues are buffer overflows in the kernel code that can lead to an attacker executing malicious code within the context of the kernel, giving him full access to a device. But these are all the details currently available.

In fact, Apple is currently still hiding the changelog of the iOS, watchOS, and tvOS security patches in an attempt to allow users to update without giving attackers a clue to what's hiding inside.

Beer is expected to release more details about the two via the Google Project Zero bug tracker next week. In the meantime, users should get patchin'!

Name and information link


Available for

Release date

Safari 11.1.1 OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 01 Jun 2018
iCloud for Windows 7.5 Windows 7 and later 01 Jun 2018
macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4 01 Jun 2018
iOS 11.4 iPhone 5s and later, iPad Air and later, and iPod touch 6th generation 29 May 2018
watchOS 4.3.1 All Apple Watch models 29 May 2018
iTunes 12.7.5 for Windows Windows 7 and later 29 May 2018
tvOS 11.4 Apple TV 4K and Apple TV (4th generation) 29 May 2018

Related Articles:

Open MongoDB Database Exposes Mobile Games Money Laundering Operation

Funny Google Chromebook Ad Mocks Windows and macOS Operating Systems

OSX.Dummy Mac Malware Targets Cryptocurrency Users on Slack and Discord Channels

Upcoming iOS 12 Will Share Emergency Location With 911 Services

macOS Breaks Your OpSec by Caching Data From Encrypted Hard Drives