On Monday, Apple released cumulative update 9.3.2 iOS and OS X Yosemite 10.11.5. In addition to bug fixes and adding new functionality, these updates fixed a number of vulnerabilities that allow to compromise mobile devices iPhone, iPad and Mac.
In total, 16 may released patches for iOS and OS X 106 have been fixed security holes. Part of the vulnerabilities allowed to compromise the operating system and remotely execute arbitrary code with the privileges of system or kernel.
According to Securitylab, the iOS update has eliminated 39 9.3.2 “holes” security-related information disclosure, arbitrary code execution and denial of service. Last month it became known about a vulnerability in iOS that allows using the voice assistant Siri to access data stored on the device, photographs, and contacts to bypass the lock screen. Then Apple fixed it on the server side, but now the problem is also solved in the function.
OS X Yosemite 10.11.5 67 corrects the vulnerabilities also affect the mobile OS. With their help, the attacker could execute arbitrary code with the privileges of the kernel or superuser, cause a denial of service, and to access confidential information. The release also fixes affecting TLS Protocol vulnerability DROWN.
For people who have decided not to install OS X Yosemite was released update Safari browser 9.1.1 it has been fixed 7 bugs in the WebKit engine that allows remotely to execute code and disclose information.
One of the errors was also eliminated in the iTunes version 12.4. Because the operating system tvOS for set top box Apple TV and watch OS for smart watches Apple Watch based on iOS, watch OS 2.2.1 and tvOS 9.2.1 fixed the same vulnerabilities in the mobile OS.
No details about the vulnerability is not explained until, while most users will not install new software releases.
