The Most Important iOS and macOS Security Bugs Apple Patched Today

Apple has released updates for its iOS and macOS operating systems, patching a series of critical security vulnerabilities along with other bugs. Here’s what you need to know.

Among the bugs that were patched were two kernel level critical vulnerabilities discovered by Ian Beer from Google’s Project Zero that affected both iOS and macOS Sierra:

CVE-2017-2370 is a buffer overflow vulnerability that could potentially let a dodgy application execute arbitrary code with kernel privileges. CVE-2017-2360 also allowed for arbitrary code execution through a ‘use after free’ flaw, a form of memory corruption bug.

Another critical vulnerability that affected both the mobile and desktop operating systems is CVE-2016-8687, a libarchive buffer overflow bug that could lead to remote code execution through unpacking of a maliciously crafted archive, according to Apple.

Other vulnerabilities on iOS that were patched mainly involved WebKit, the web browser engine used by Safari, Apple’s App Store, and other macOS, iOS and Linux applications.

On macOS there were a few bugs that allowed for arbitrary code execution, some with kernel privileges.

You can find out more through Apple’s security patch notes for iOS 10.2.1 and macOS Sierra 10.12.3.

Considering how serious some of these security vulnerabilities are, it’s advised that iOS and macOS Sierra users apply the updates as soon as possible.

[Apple via Threatpost]

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.