Impact: Processing a maliciously crafted STL file may lead to unexpected application termination or arbitrary code executionĭescription: An information disclosure issue was addressed with improved state management.ĬVE-2022-22579: Mickey Jin of Trend Micro Impact: A malicious application may be able to execute arbitrary code with kernel privilegesĬVE-2022-22593: Peter Nguyễn Vũ Hoàng of STAR Labs Apple is aware of a report that this issue may have been actively exploited.ĭescription: A memory corruption issue was addressed with improved input validation.ĬVE-2022-22587: an anonymous researcher, Meysam Firouzi of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges. This issue was addressed with improved path sanitization.ĬVE-2022-22585: Zhipeng Huo of Tencent Security Xuanwu Lab () Impact: An application may be able to access a user's filesĭescription: An issue existed within the path validation logic for symlinks. Addresses an issue where "Password requirements" in System Preferences didn't show when a password had met the requirements when multiple local policies were used.Impact: Parsing a maliciously crafted audio file may lead to disclosure of user informationĭescription: A buffer overflow issue was addressed with improved memory handling.ĬVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab.Resolves an issue where in certain cases, the Relocated Items folder could not be deleted.Addresses an issue where after allowing a user to unlock a FileVault-protected startup volume, the user would not always appear in the list of users in the login window.Configuration file does not specify default realm". Fixes an issue where attempting to change a password using the Kerberos SSO Extension would fail with an error message saying "Password Change Failed.Hyperlinks in PDFs containing percent-encoded characters now open properly.Apple Push Notification service (APNs) traffic will correctly fall back to using a proxy if a direct connection is blocked by a firewall which doesn't send a TCP reset to clients.Provides MDM support for allowing standard users to permit Screen Recording or Input Monitoring in the Privacy pane of Security & Privacy preferences.Supports the RebuildKernelCache and KextPaths keys in the RestartDevice MDM command dictionary.Provides MDM support for allowing standard users to complete the installation of legacy kernel extensions by restarting their Mac from within System Preferences > Security & Privacy without having to provide administrator credentials.Resolves an issue where app installation may fail if MDM reissues the install command.Resolves an issue that prevents software updates from initiating at the login window.Resolves an issue with browsing network file servers hosting a large number of SMB shares.Safari now respects user-defined “Always Allow” access settings for SSO certificates.Updating a Wi-Fi payload that includes a certificate identity no longer creates a duplicate identity.Resolves an issue where mobile account creation fails on the first login.Resolves an issue with content filtering rules when using multiple network extensions simultaneously.Resolves an issue where using MDM to remove approval for system extensions did not deactivate the extensions.Resolves an issue where system extensions already awaiting user approval could not be approved by MDM. MDM can now install and manage iOS apps on Mac computers with Apple silicon.When using MDM to restart a macOS device, you can optionally allow user interaction before restarting.SMB Multichannel is now supported and enabled by default.MDM can now defer major and minor software releases separately.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |