APPLE-SA-2020-11-05-5 watchOS 5.3.9
APPLE-SA-2020-11-05-5 watchOS 5.3.9
- Subject: APPLE-SA-2020-11-05-5 watchOS 5.3.9
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Thu, 05 Nov 2020 15:39:44 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-11-05-5 watchOS 5.3.9
watchOS 5.3.9 is now available and address the following issues.
Information about the security content is also available at
https://support.apple.com/HT211945.
FontParser
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to an iPhone
with iOS 12 installed
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution. Apple is aware of reports that an exploit for this
issue exists in the wild.
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27930: Google Project Zero
Kernel
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to an iPhone
with iOS 12 installed
Impact: A malicious application may be able to disclose kernel
memory. Apple is aware of reports that an exploit for this issue
exists in the wild.
Description: A memory initialization issue was addressed.
CVE-2020-27950: Google Project Zero
Kernel
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to an iPhone
with iOS 12 installed
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type confusion issue was addressed with improved state
handling.
CVE-2020-27932: Google Project Zero
Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl+kfXcACgkQZcsbuWJ6
jjD/gA//W+VZjhWdMTw/A7LYWyB3SIXul0iMBgLCcuMYXswI+SpDq25EPIXA+KpX
PU3/mpnEu0uyNDkEQI/RW0FIzcvdLpKdJGBot0Fw0O2/NjslVtF5j3AuwCZgL7jP
iON3SkRX5rM/LcGG2fzC4gLRlxnhfJl6qhlfPOlAhgvlFPjiv8XSj22kxzQFs9mP
EpKb/w4R0QCdSeBSQi1CCap9YLIi6w52TGHp3IzgfKMEjOqmBKISFVnTbFFYBqNG
z7xdquJLAw9y4WSDQk8q/uYc1lazd3QMn6ym+4K7HxQgVgrgt2QGUz5S9pDS3xVp
zgNVf3VaonsYQZuw8LPhtp2hjQEjjIPhwiMm0UrLmijNbQrtDG4qwAR71oGDHmNk
GuIiSvDDNiywvQ8pt8BvawUPm7lVwpcKLHtMBVEcmkGHV6PB5LS6NVYYjCcYP/vb
zImPQO65+zYHAYvBc3Obth6M7FQIfHoZ2KHxMuufBgxfj2zywZsbKq3qEdv9Ynnr
mgLhqpwMZ7aHrlaYG73DuLG3L19cUNNkzkdw+0gvIurAgeVJfTHKcObKi61w+rhx
0dA+xsz2Lwll8y//l5vl0kGWgV1kaonOdlTyZYnu/4ZsIxiZGnppQTyYig0Asvs0
9jP69mVPcbBDgycuJU4ylbz2llO9WxQ1FDD7sN47JXzFMn4gBPo=
=zru3
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden