exploit the possibilities

Apple Security Advisory 2018-05-08-1

Apple Security Advisory 2018-05-08-1
Posted May 8, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-05-08-1 - This advisory provides additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001.

tags | advisory
systems | apple
advisories | CVE-2018-4187, CVE-2018-4206, CVE-2018-8897
MD5 | fa01713c8fbeae9adad8ba1c07c9be96

Apple Security Advisory 2018-05-08-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-05-08-1 Additional information for
APPLE-SA-2018-04-24-2 Security Update 2018-001

Security Update 2018-001 addresses the following:

Crash Reporter
Available for: macOS High Sierra 10.13.4
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
error handling.
CVE-2018-4206: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.4
Impact: A malicious application may be able to execute arbitrary
code with kernel privileges
Description: In some circumstances, some operating systems may not
expect or properly handle an Intel architecture debug exception
after certain instructions. The issue appears to be from an
undocumented side effect of the instructions. An attacker might
utilize this exception handling to gain access to Ring 0 and access
sensitive memory or control operating system processes.
CVE-2018-8897: Andy Lutomirski, Nick Peterson
(linkedin.com/in/everdox) of Everdox Tech LLC
Entry added May 8, 2018

LinkPresentation
Available for: macOS High Sierra 10.13.4
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security
Platform Department, Roman Mueller (@faker_)

Installation note:

Security Update 2018-001 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlrxvQQpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEY/HxAA
tRDFZcMPnxucIk9vENarx+oXzhMPGDJri16zOS9m7gv019GP10OJ2aDyr6GQpaK1
s0eCGXMqXuZ3mr7ZDikleB0xddPi+9mEjqSkfgxeP7WKFXSjAFCjc6sbv1SSq8IH
km4yqtbQLFiVmL4BYnVW0GhYwWAgFn3QAKKZjD6TZYTrtOnxuQKkPqhZgD3xLG8y
aYd0FgRX2AN23c157Gvn/nN3gYAtLxhlCwv5DcMuDH9BNPB6RR+qNPWaz6nxOukm
aOeigkHhYwvVK4AlITE06R4UBJRq8LBxC2xLzEbr4jQZnRq1uT94w4SqCLhJUQ1z
e7k5Aj9tp1HnS5ZSX6+lOohMDI3iQ8h3XS4NGj4I962QIlovuCmAgkqzN/OeH4LV
sxmqUEF/SeriryotcN/NCRjQSbmjwleVkmJ6pcEUTT3X+/EuFgOajj1/jm9ntrDv
4rsB/6CxZSC5+dW51L337GsjxPMiNBHhALXYuen/Xd35kU7YOLosFeFlednmBgYY
otXb832XGmW2C65uM/+zWJHJ/DW0NXF2GZkvD15rd7SUdKQjyO9003TJFudx3w4W
9y9LXSIF7b7KW1SaAgHr3ayWaXsioaSOeBrlURG6o/eLfRfrrBiwAMNqn/TPwsP1
/S1rasMuleP9L8h3kSm0Z1+j7iZIDaCuIZ2fgP6G/UE=
=fLK2
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close