:: Deepquest ::

Apple Security Advisory 2015-06-30-4 – Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and address account takeover, WebSQL database access, and various other issues.

The research in this paper leads to the discovery of a series of high-impact security weaknesses, which enable a sandboxed malicious app, approved by the Apple Store, to gain unauthorized access to other apps’ sensitive data. More specifically, the researchers found that the inter-app interaction services, including the keychain and WebSocket on OS X and […]

Apple Security Advisory 2015-01-27-2 – iOS 8.1.3 is now available and addresses access bypass, arbitrary code execution, denial of service, and various other vulnerabilities.

Apple Security Advisory 2015-01-27-3 – Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and address memory corruption issues that can lead to arbitrary code execution.

Apple Security Advisory 2015-01-27-4 – OS X 10.10.2 and Security Update 2015-001 are now available and address information disclosure, arbitrary code execution, cache clearing, integer overflow, and various other vulnerabilities.

A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim’s machine.

Apple Security Advisory 2015-03-09-1 – iOS 8.2 is now available and addresses null pointer dereference, code execution, buffer overflows, and various other vulnerabilities.

Apple Security Advisory 2015-03-09-2 – AppleTV 7.1 is now available and addresses folder creation, code execution, and tls-related vulnerabilities.

Apple Security Advisory 2015-03-09-3 – Security Update 2015-002 is now available and addresses buffer overflow, off-by-one, type confusion, and secure transport vulnerabilities.

Apple Security Advisory 2015-03-09-4 – Xcode 6.2 is now available and addresses spoofing and validation checking issues.