>> TAG: #osx

A heap overflow in IOHIKeyboardMapper::parseKeyMapping allows kernel memory corruption in Mac OS X before 10.10. By abusing a bug in the IORegistry, kernel pointers can also be leaked, allowing a…

Safari version 8.0 on OS X 10.10 crash proof of concept exploit.

Apple Security Advisory 2014-11-17-1 – iOS 8.1.1 is now available and addresses code execution and various other security flaws.

Apple Security Advisory 2014-11-17-2 – OS X 10.10.1 is now available and addresses a privacy issue, arbitrary code execution, and various other security issues.

Apple Security Advisory 2014-11-17-3 – Apple TV 7.0.2 is now available and addresses arbitrary code execution and unsigned code execution security issues.

Need root-cause analysis, log management, and compliance monitoring? SolarWinds(r) LEM is smart security for any IT pro. Download a free trial

This proof of concept exploits a missing sign check in IOBluetoothHCIUserClient::SimpleDispatchWL() on Mac OS X Mavericks.

Apple iOS version 8.0.2 suffers from a contact handling denial of service vulnerability.

Apple Security Advisory 2014-10-22-1 – QuickTime 7.7.6 is now available and addresses memory corruption and buffer overflow vulnerabilities.

Apple Security Advisory 2014-10-20-1 – iOS 8.1 is now available and addresses bluetooth, insufficient cryptographic protection, and various other vulnerabilities.