APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
- Subject: APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Mon, 13 May 2024 21:01:21 -0400
- Original-recipient: rfc822;email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
macOS Monterey 12.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214105.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Find My
Available for: macOS Monterey
Impact: A malicious application may be able to access Find My data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-23229: Joshua Jewett (@JoshJewett33)
Foundation
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: A logic issue was addressed with improved checks.
CVE-2024-27789: Mickey Jin (@patch1t)
Additional recognition
App Store
We would like to acknowledge an anonymous researcher for their
assistance.
macOS Monterey 12.7.5 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmZCtZ4ACgkQX+5d1TXa
IvqR2g//T7xisOQJEBugIuk4sXS7qt1O1wchiJC99EBhXK4ulCyEcBMIdGSPp3zJ
QmtwU/0nB5zOd5DsSQh6N+Jj9Wb6bLauR8d4QhyrlemttMSYGHPC47WkF0HIYiLv
IGL+A/Z+uulb22sRb3MZ8CNDZA2mUVtRZKRnBwBNO2yZEofWvM4KNIyQThR2z17c
MvZuVBEo9NFMuEeXRLzCwmDfe344j9f3eQyY/5mnYLXQx60Lzg6BZxF1nCbN+mYc
vGHDPs3744sTmcj8pBLBX6629O/9uLe/IgQX8QDA1aaW9G/x2njICxecVHA9QRti
BPhbQfh9DWvUo3Wrmk/6kDb/d3kb/arx/HE3x4M+AbXlXA1G8GVOrFig6W9bgJRX
e1I0ZQhXvPqBAles4XK14x6cXzXGNfPjbwVgAAHSqsiDqBSp7CUPM5i/6yPRz7AN
uJG54euZ+02i8NErPXbe91kgHNidWQVnUMxDkle2QT3/Wo3mKcLfEGRJU89wiGw3
dkoclqgKD8vUT+EUiPShOAa5/FUVR9F7PjGDrV91IKBtwC8VoLmSMcu4hIKhlIFW
xWat/sFCLVz+8nmRKVgn+xoSwtYvAvbImI83QQsf4Q+GH0WsgHG1dRw3VRjXy3US
lOnT6nKXFCvB3n139cgHLp3Q5ZoRf1xKVv5/EvOIP9jagB13QbU=
=cPoJ
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5
macOS Monterey 12.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214105.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Find My
Available for: macOS Monterey
Impact: A malicious application may be able to access Find My data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-23229: Joshua Jewett (@JoshJewett33)
Foundation
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: A logic issue was addressed with improved checks.
CVE-2024-27789: Mickey Jin (@patch1t)
Additional recognition
App Store
We would like to acknowledge an anonymous researcher for their
assistance.
macOS Monterey 12.7.5 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmZCtZ4ACgkQX+5d1TXa
IvqR2g//T7xisOQJEBugIuk4sXS7qt1O1wchiJC99EBhXK4ulCyEcBMIdGSPp3zJ
QmtwU/0nB5zOd5DsSQh6N+Jj9Wb6bLauR8d4QhyrlemttMSYGHPC47WkF0HIYiLv
IGL+A/Z+uulb22sRb3MZ8CNDZA2mUVtRZKRnBwBNO2yZEofWvM4KNIyQThR2z17c
MvZuVBEo9NFMuEeXRLzCwmDfe344j9f3eQyY/5mnYLXQx60Lzg6BZxF1nCbN+mYc
vGHDPs3744sTmcj8pBLBX6629O/9uLe/IgQX8QDA1aaW9G/x2njICxecVHA9QRti
BPhbQfh9DWvUo3Wrmk/6kDb/d3kb/arx/HE3x4M+AbXlXA1G8GVOrFig6W9bgJRX
e1I0ZQhXvPqBAles4XK14x6cXzXGNfPjbwVgAAHSqsiDqBSp7CUPM5i/6yPRz7AN
uJG54euZ+02i8NErPXbe91kgHNidWQVnUMxDkle2QT3/Wo3mKcLfEGRJU89wiGw3
dkoclqgKD8vUT+EUiPShOAa5/FUVR9F7PjGDrV91IKBtwC8VoLmSMcu4hIKhlIFW
xWat/sFCLVz+8nmRKVgn+xoSwtYvAvbImI83QQsf4Q+GH0WsgHG1dRw3VRjXy3US
lOnT6nKXFCvB3n139cgHLp3Q5ZoRf1xKVv5/EvOIP9jagB13QbU=
=cPoJ
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden