Apple released security updates today for Safari, OS X, and iOS that resolve critical vulnerabilities that could lead to remote code execution. Remote code execution vulnerabilities allow an attacker to create specially crafted web sites or files that could allow the attacker to execute commands and programs on vulnerable platforms. These types of vulnerabilities are the most serious as they could allow an attacker to virtually perform any action on the device, including the downloading of other programs.

The iOS 9.2.1 security update updates resolves 13 vulnerability with 11 of them possibly allowing remote code execution. The other two vulnerabilities allow information disclosure under certain circumstances. This update is already available to download on all iOS devices and it should be installed immediately.

The  OS X El Capitan 10.11.3 update resolves 9 security vulnerabilities, with 8 of them allowing remote code execution. The 9th vulnerability allows a quarantined application to possibly to override OSA script libraries installed by the user.

Finally, the Safari 9.0.3 update resolves 6 security vulnerabilities, with the 5 of them allowing remote code execution and the one causing information disclosure about what links were clicked on.

All of these updates are currently available for download and should be installed immediately.

 

Related Articles:

iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks

Apple's Safari Falls For New Address Bar Spoofing Trick

New CSS Attack Restarts an iPhone or Freezes a Mac

Chrome 69 for iOS Moved Navigation Bar to Bottom of Screen & Users are Unhappy

Microsoft Rolls Out New Intel Microcode for Windows 10, Server 2016