Apple security updates

Number: AV17-138
Date: 20 September 2017

Purpose

The purpose of this advisory is to bring attention to multiple Apple system security updates for iOS 11, Safari 11, Xcode 9, tvOS 11, watchOS 4 and iTunes 12.7.

Assessment

Apple has released the following support articles regarding security vulnerabilities in their products:

  • HT208103 - Xcode 9
  • HT208112 - iOS 11
  • HT208116 - Safari 11

This update addresses multiple vulnerabilities on the systems listed above.

Apple will release further details shortly for iTunes 12.7, tvOS 11 and watchOS 4.

CVE Reference: CVE-2017-1000117, CVE-2017-7072, CVE-2017-7076, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7106, CVE-2017-7118, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137, CVE-2017-9800

Suggested action

CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms.

References

https://support.apple.com/en-ca/HT201222
https://support.apple.com/en-ca/HT208112
https://support.apple.com/en-ca/HT208116
https://support.apple.com/en-ca/HT208103

Date modified: