Apple has released security updates this week for seven products —macOS, iOS, watchOS, iTunes for Windows, tvOS, iCloud for Windows, and Safari.
Out of all the vulnerabilities patched this week, two stand out, mainly because they affect the kernels of macOS, iOS, watchOS, and tvOS alike.
The vulnerabilities are CVE-2018-4241 and CVE-2018-4243, both discovered by Google security engineer Ian Beer. Neither Beer nor Apple have released expansive details about these two bugs.
Both issues are buffer overflows in the kernel code that can lead to an attacker executing malicious code within the context of the kernel, giving him full access to a device. But these are all the details currently available.
In fact, Apple is currently still hiding the changelog of the iOS, watchOS, and tvOS security patches in an attempt to allow users to update without giving attackers a clue to what's hiding inside.
Beer is expected to release more details about the two via the Google Project Zero bug tracker next week. In the meantime, users should get patchin'!
Name and information link
|Safari 11.1.1||OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4||01 Jun 2018|
|iCloud for Windows 7.5||Windows 7 and later||01 Jun 2018|
|macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan||OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4||01 Jun 2018|
|iOS 11.4||iPhone 5s and later, iPad Air and later, and iPod touch 6th generation||29 May 2018|
|watchOS 4.3.1||All Apple Watch models||29 May 2018|
|iTunes 12.7.5 for Windows||Windows 7 and later||29 May 2018|
|tvOS 11.4||Apple TV 4K and Apple TV (4th generation)||29 May 2018|