After issuing iOS 17.4 on Tuesday with new emoji and large modifications to the App Retailer within the EU, Apple despatched out updates to the remainder of its working programs on Thursday, together with macOS 14.4, watchOS 10.4, and visionOS 1.1, the primary main replace for Apple’s new Imaginative and prescient Professional headset. Among the many normal bug fixes and enhancements—most notably, new emoji on your Mac, Persona, and EyeSight enhancements on Imaginative and prescient Professional, and a brand new Double Faucet operate on Apple Watch—the updates embrace fixes for a mountain of safety points, no less than two of which have been exploited within the wild.
All mentioned, the updates embrace greater than 75 distinctive safety updates affecting all corners of Apple’s ecosystem. Listed here are the necessary stats you must know:
macOS 15.4
Safety updates: 64
Notable fixes: Airport (CVE-2024-23227), Dock (CVE-2024-23244), Safari Non-public Looking (CVE-2024-23273)
macOS Monterey 12.7.4/macOS Ventura 13.6.5
Safety updates: 25
Notable fixes: Intel Graphics Driver (CVE-2024-23234), Notes (CVE-2024-23283), Shortcuts (CVE-2024-23204)
watchOS 10.4
Safety updates: 24
Notable fixes: Messages (CVE-2024-23287), Sandbox (CVE-2024-23290), Siri (CVE-2024-23293)
tvOS 17.4
Safety updates: 24
Notable fixes: CoreBluetooth – LE (CVE-2024-23250), Picture Processing (CVE-2024-23270), UIKit (CVE-2024-23246)
visionOS 1.1
Safety updates: 16
Notable fixes: Accessibility (CVE-2024-23262), Persona (CVE-2024-23295), WebKit (CVE-2024-23263)
iOS 17.4 and iPadOS 17.4
Safety updates: 40
Notable fixes:Â Bluetooth (CVE-2024-23277), Photographs (CVE-2024-23255), Synapse (CVE-2024-23242)
iOS 16.7.6 and iPadOS 16.7.6
Safety updates: 18
Notable fixes: CoreCrypto (CVE-2024-23218), Steel (CVE-2024-23264), Safari (CVE-2024-23259)
Apple has additionally mounted a zero-day flaw throughout all of its units affecting Kernel and RTKit that will have been exploited within the wild:
Kernel
- Impression: An attacker with arbitrary kernel learn and write functionality could possibly bypass kernel reminiscence protections. Apple is conscious of a report that this subject might have been exploited.
- Description: A reminiscence corruption subject was addressed with improved validation.
- CVE-2024-23225
RTKit
- Impression: An attacker with arbitrary kernel learn and write functionality could possibly bypass kernel reminiscence protections. Apple is conscious of a report that this subject might have been exploited.
- Description: A reminiscence corruption subject was addressed with improved validation.
- CVE-2024-23296
To replace your Apple gadget, go to the Settings app (or System Settings on a Mac) and discover Basic. Then choose Software program Replace and comply with the prompts.