Number: AV16-117
Date: 19 July 2016
Purpose
The purpose of this advisory is to bring attention to multiple Apple system updates for iCloud for Windows, iTunes for Windows, Safari, tvOS, watchOS, iOS, and OS X El Capitan.
Assessment
Apple has released the following support articles:
HT206899 - iCloud for Windows 5.2.1 Windows 7 and later
HT206901 - iTunes 12.4.2 for Windows Windows 7 and later
HT206900 - Safari 9.1.2 OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6
HT206905 - tvOS 9.2.2 Apple TV (4th generation)
HT206904 - watchOS 2.2.2 Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
HT206902 - iOS 9.3.3 iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
HT206903 - OS X El Capitan v10.11.6 and Security Update 2016-004 OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 and later
Details: These updates address multiple vulnerabilities, including arbitrary remote code execution.
Multiple CVEs are referenced; please refer to Apple's advisory for specific details.
Suggested Action
CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms referred to in Apple Support Articles HT206899, HT206901, HT206900, HT206905, HT206904, HT206902, and HT206903.
References: