site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-05-4 watchOS 6.2.9 watchOS 6.2.9 is now available and address the following issues. Information about the security content is also available at https://support.apple.com/HT211944. FontParser Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl+kfmoACgkQZcsbuWJ6 jjB0bQ//ZJEfIJf5ybim8u7RXip2jBwJgvnsZ/0aJM9L1v0KOiMx5SLVaDNWvB2M feEY1ac0ApCu2eQeWmBK0hhsu/KuafOBSaOFWh0dHejQElJH1P/t7U8LG9R9cRwk rE1BRKRVnDRSV5E4EyvLmrRXB3ex93MkZpDlDjnbmvVm0Sum/aUWid8Ts3BAtvyh uXZkY3fPxDnUkLI/DG+Em3exY4cT5t7BX0UVl6DbhQslFmOU4I7lZE0REocxpiMp jI6Xs4DSRgdr1N3Q5oZfPxbi9ifVz0qb7W3SE3UHXDoiyjIZvYYPxwSGJsc+2tD9 3N0vhhQiQclOWIaGvLJ7FIXtdSu587rwk2qyRLPtahdRxuY6fy4CherO/wB1OJr1 0SGsaMVRAE8pPYEpJph8CqR4GU2omwqC+PhbfUSI22ELNDRRXoHNFvmFnmbdnodE MVRi532sPRXhZtZjWXKb7hZAC8N4hLoSp/ZYhU9UxSk6uRqJWIxLoja4zKvoXv4b 78lOUvXUKNhlnv9NeiokpYtbdLYi9JlTQMcj0NJl5hnx8/6iA0vc62FgK9Q4V0zf Dt/oLwW/KzoV/fNT+Yyf6/ezgFClVnkxmrTUTbOdKLhacsnwwhQRJQg4jJAcy91g Gpc8Uj7iN5Kn1aVhvewaAh+CaKByx3LF46ZEI27n/Cw3C6SoVY8= =hWJM -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/security-announce/site_archiver%40li... This email sent to site_archiver@lists.apple.com