Apple Security Advisory 2016-03-21-2 – watchOS 2.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
>> CATEGORY: Apple
The vulnerability laboratory research team discovered multiple connected passcode protection bypass vulnerabilities in the iOS v9.0, v9.1, v9.2.1 for Apple iPhone (5,5s,6 & 6s) and the iPad (mini,1 & 2).
Apple Security Advisory 2016-02-25-1 – Apple TV 7.2.1 is now available and addresses code execution, information disclosure, access bypass, and various other vulnerabilities.
OS X suffers from a privilege escalation vulnerability due to XPC type confusion in sysmond.
Apple iOS versions 9.1, 9.2, and 9.2.1 suffer from a pass code bypass vulnerability.
Apple Watch suffers from a denial of service vulnerability.
iOS / OS X kernels suffer from a use-after-free / double free vulnerability due to lack of locking in IOHDIXControllUserClient:clientClose.
com.apple.audio.coreaudiod is reachable from various sandboxes including the Safari renderer. coreaudiod is sandboxed and runs as its own user, nevertheless it has access to various other interesting attack surfaces which…
iOS / OS X suffer from a kernel double free due to lack of locking in Iokit registry iterator manipulation.
iOS and OS X suffers from a kernel code execution vulnerability due to an integer overflow in NECP system control socket packet parsing.