Number: AV17-138
Date: 20 September 2017
Purpose
The purpose of this advisory is to bring attention to multiple Apple system security updates for iOS 11, Safari 11, Xcode 9, tvOS 11, watchOS 4 and iTunes 12.7.
Assessment
Apple has released the following support articles regarding security vulnerabilities in their products:
- HT208103 - Xcode 9
- HT208112 - iOS 11
- HT208116 - Safari 11
This update addresses multiple vulnerabilities on the systems listed above.
Apple will release further details shortly for iTunes 12.7, tvOS 11 and watchOS 4.
CVE Reference: CVE-2017-1000117, CVE-2017-7072, CVE-2017-7076, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7106, CVE-2017-7118, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137, CVE-2017-9800
Suggested action
CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms.
References
https://support.apple.com/en-ca/HT201222
https://support.apple.com/en-ca/HT208112
https://support.apple.com/en-ca/HT208116
https://support.apple.com/en-ca/HT208103