Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Multiple Apple security updates

Number: AV16-143
Date: 14 September 2016

Purpose

The purpose of this advisory is to bring attention to multiple Apple security updates for; iOS 10, iOS 10.0.1, Xcode 8 and watchOS 3.

Assessment

Apple has released the following support articles;

HT207143 - Security Update: iOS 10 - iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
HT207145 - Security Update: iOS 10.0.1 - iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later
HT207140 - Security Update: Xcode 8 - OS X El Capitan v10.11.5 and later
HT207141 - Security Update: watchOS3 - All Apple Watch models

These updates address multiple vulnerabilities, including, termination of application, arbitrary code execution, exposure of sensitive information on devices and the blocking of updates on devices.

CVE References: CVE-2016-4741, CVE-2016-4719, CVE-2016-4746, CVE-2016-4747, CVE-2016-4740, CVE-2016-4749, CVE-2016-4620, CVE-2016-4655, CVE-2016-4704, CVE-2016-4705, CVE-2016-4719.

Suggested action

CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms referred to in the Apple Support Articles (see below)

References

https://support.apple.com/en-ca/HT207143
https://support.apple.com/en-ca/HT207145
https://support.apple.com/en-ca/HT207140
https://support.apple.com/en-ca/HT207141

Date modified: