APPLE-SA-2017-01-23-3 watchOS 3.1.3
APPLE-SA-2017-01-23-3 watchOS 3.1.3
- Subject: APPLE-SA-2017-01-23-3 watchOS 3.1.3
- From: Apple Product Security <email@hidden>
- Date: Mon, 23 Jan 2017 10:37:32 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-01-23-3 watchOS 3.1.3
watchOS 3.1.3 is now available and addresses the following:
Accounts
Available for: All Apple Watch models
Impact: Uninstalling an app did not reset the authorization settings
Description: An issue existed which did not reset the authorization
settings on app uninstall. This issue was addressed through improved
sanitization.
CVE-2016-7651: Ju Zhu and Lilang Wu of Trend Micro
Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2016-7658: Haohao Kong of Keen Lab (@keen_lab) of Tencent
CVE-2016-7659: Haohao Kong of Keen Lab (@keen_lab) of Tencent
Auto Unlock
Available for: All Apple Watch models
Impact: Auto Unlock may unlock when Apple Watch is off the user's
wrist
Description: A logic issue was addressed through improved state
management.
CVE-2017-2352: Ashley Fernandez of raptAware Pty Ltd
CoreFoundation
Available for: All Apple Watch models
Impact: Processing maliciously crafted strings may lead to an
unexpected
application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of
strings. This issue was addressed through improved bounds checking.
CVE-2016-7663: an anonymous researcher
CoreGraphics
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
unexpected application termination
Description: A null pointer dereference was addressed through
improved input validation.
CVE-2016-7627: TRAPMINE Inc. & Meysam Firouzi @R00tkitSMM
CoreMedia Playback
Available for: All Apple Watch models
Impact: Processing a maliciously crafted .mp4 file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-7588: dragonltx of Huawei 2012 Laboratories
CoreText
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues existed in the
handling of font files. These issues were addressed through improved
bounds checking.
CVE-2016-7595: riusksk(泉哥) of Tencent Security Platform
Department
Disk Images
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2016-7616: daybreaker@Minionz working with Trend Micro's Zero Day
Initiative
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues existed in the
handling of font files. These issues were addressed through improved
bounds checking.
CVE-2016-4691: riusksk(泉哥) of Tencent Security Platform
Department
FontParser
Available for: All Apple Watch models
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2016-4688: Simon Huang of Alipay company,
email@hidden
ICU
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-7594: André Bargull
ImageIO
Available for: All Apple Watch models
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2016-7643: Yangkang (@dnpushme) of Qihoo360 Qex Team
IOHIDFamily
Available for: All Apple Watch models
Impact: A local application with system privileges may be able to
execute arbitrary code with kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2016-7591: daybreaker of Minionz
IOKit
Available for: All Apple Watch models
Impact: An application may be able to read kernel memory
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2016-7657: Keen Lab working with Trend Micro's Zero Day
Initiative
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-7606: Chen Qin of Topsec Alpha Team (topsec.com), @cocoahuke
CVE-2016-7612: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to read kernel memory
Description: An insufficient initialization issue was addressed by
properly initializing memory returned to user space.
CVE-2016-7607: Brandon Azad
Kernel
Available for: All Apple Watch models
Impact: A local user may be able to cause a system denial of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2016-7615: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: All Apple Watch models
Impact: A local user may be able to cause an unexpected system
termination or arbitrary code execution in the kernel
Description: A use after free issue was addressed through improved
memory management.
CVE-2016-7621: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A local user may be able to gain root privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2016-7637: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: A local application with system privileges may be able to
execute arbitrary code with kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2016-7644: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2370: Ian Beer of Google Project Zero
Kernel
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2360: Ian Beer of Google Project Zero
libarchive
Available for: All Apple Watch models
Impact: A local attacker may be able to overwrite existing files
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2016-7619: an anonymous researcher
libarchive
Available for: All Apple Watch models
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2016-8687: Agostino Sarubbo of Gentoo
Profiles
Available for: All Apple Watch models
Impact: Opening a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the handling of
certificate profiles. This issue was addressed through improved input
validation.
CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com)
Security
Available for: All Apple Watch models
Impact: An attacker may be able to exploit weaknesses in the 3DES
cryptographic algorithm
Description: 3DES was removed as a default cipher.
CVE-2016-4693: Gaëtan Leurent and Karthikeyan Bhargavan from INRIA
Paris
Security
Available for: All Apple Watch models
Impact: An attacker in a privileged network position may be able to
cause a denial of service
Description: A validation issue existed in the handling of OCSP
responder URLs. This issue was addressed by verifying OCSP revocation
status after CA validation and limiting the number of OCSP requests
per certificate.
CVE-2016-7636: Maksymilian Arciemowicz (cxsecurity.com)
Security
Available for: All Apple Watch models
Impact: Certificates may be unexpectedly evaluated as trusted
Description: A certificate evaluation issue existed in certificate
validation. This issue was addressed through additional validation of
certificates.
CVE-2016-7662: Apple
syslog
Available for: All Apple Watch models
Impact: A local user may be able to gain root privileges
Description: An issue in mach port name references was addressed
through improved validation.
CVE-2016-7660: Ian Beer of Google Project Zero
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
state management.
CVE-2016-7589: Apple
WebKit
Available for: All Apple Watch models
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: Multiple validation issues existed in the handling of
page loading. This issue was addressed through improved logic.
CVE-2017-2363: lokihardt of Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJYgqLhAAoJEIOj74w0bLRGGHoQAN1fT/3R7qBCadclKXvxfs49
97/3sMt5Daw9EQjmw7/ye3Xc4lMR7rw5swBlKJDsKahn3qu95nhPk+zbxBW1jmeQ
1W6yr+SQoYZURxQoQ30qmyNQgEBjmk+nJlUN3SE8feibfGdRJBIHNDho9XBeRqvU
Bv64p1IRx8jo+YL98qCt3YZIcsR33e/mdpxVX+HJzCu/gXiEW4vma6Bpn6QOji0C
xY4hebFBdLdZXgDvmcqvz89BUfVM9Sk3gC92wpPPMRVKom1R9cuLAEUA2Xiuendy
VL7oHlERk+jChy/qRVmeVtk8l5fETNN5jFm1w39jWSt8BgZopshEhfRTYBPxiYxL
9Ah7PYfwyZWUj1VTwbnvdec44CQBX2/XIITfThPjX79811lJ65iS4PmNAvXAPAzF
mfKq9/94KB02StTMaVQMxQo3798PdjmW882SoAK0M5GHhf8e7wRAi6Tge7g5zPEe
cG+rcCdNqwH+7StQJnW1keHcU5GWPESFNSYiGVtbkGi5/KKUPbqsMFCpf4AiGQbK
nE9HOaS1qSkThvet0H+68Ec1UAGTWhXkNbIyxJGAutQnETzOJF97nb8elOzZK1MN
C6Liplz1bpGjNO9sXljdRh6KYThmDM7oy3NoJXhY9Rwy3LnJinIp0iEis9IMkHdA
YQ7bZyojEtZl7UHDHJVE
=RfaO
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden