>> CATEGORY: Apple

Apple Security Advisory 2015-09-30-01 – iOS 9.0.2 is now available and addresses a lock screen vulnerability.

Apple Security Advisory 2015-09-30-02 – Safari 9 is now available and addresses spoofing, communication compromise, and various other vulnerabilities.

Apple Security Advisory 2015-09-30-03 – OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases.

The setuid root FinderLoadBundle that was included in older DropboxHelperTools versions for OS X allows loading of dynamically linked shared libraries that are residing in the same directory. The directory…

Cisco AnyConnect Secure Mobility Client for OS X is affected by a vulnerability that allows local attackers to mount arbitrary DMG files at arbitrary mount points. By exploiting this vulnerability…

The OS X regex engine (TRE) uses the alloca function in a few places, sometimes where an attacker can partially control the size.

Apple Security Advisory 2015-09-21-1 – watchOS 2 is now available and addresses unexpected application termination and interception issues.

OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.

OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.

An OS X IOKit kernel memory corruption issue occurs due to a bad bzero in IOBluetoothDevice.