![]() We can do a quick grep to see how many rules or new families there are. ![]() Let’s examine that in Vi and see what we’ve got. Let’s run a diff on them and output only the additions to a new text file (here I’ve changed the respective file names to make it easier to see which is which). The most obvious change is in the XProtect.yara files, with the updated file having increased in size from 44KB to 51KB. Here, I’ve made local copies of the original 10.15.1 and 10.15.2 bundles so that I can safely mess with them.Īs we can see, the version number has been bumped in the ist and ist files from v2108 to v2109. Let’s take a look at the two XProtect bundles side by side to see how they differ. As described by researcher Scott Knight and independent macOS developer and blogger Howard Oakley, 10.15.2 has seen some important changes to XProtect. Security Changes Apple Didn’t AnnounceĪs usual with macOS updates, there’s a few things under the hood that have occurred that Apple do not make public statements about but which are nevertheless of interest to the security community. Whether the bug applied to macOS as well hasn’t been mentioned, but credit in the Catalina security release notes suggests that macOS may have either been susceptible to some version of “AirDoS”, as Bagaria has dubbed it, or needed some kind of update to maintain AirDrop compatibility with patched mobile devices. Bagaria has published a blog post detailing an iOS/iPadOS bug that allows a malicious user to cause a Denial-of-Service attack on nearby devices that have AirDrop enabled. The same recognition also appears in the iOS and iPadOS 13.3 release notes. While the vulns all have ‘Modified’ status in the NIST database, they at least have a description indicating the issue, save for the most recent one, CVE-2019-15167, which remains reserved.Īpple’s security notes also gave additional recognition to Kishan Bagaria and Tom Snelling for their assistance in what Apple have only described as an issue in “Accounts”. Mojave and earlier OSs haven’t received the updated versions, which plug an astonishing 32 vulnerabilities with CVEs stretching back all the way from 2017 to 2019. Having now just made it into macOS, it’s worth noting that the tcpdump 4.9.3 and libpcap version 1.9.1 are exclusive to Catalina, at least at the moment. That patch has been available since September, but for reasons only Apple know this didn’t make the cut for the initial release of Catalina in October or the first point update after that. There is also a fix for an arbitrary code execution bug in FaceTime (CVE-2019-8830) when handling a maliciously crafted video, and Catalina’s Bluetooth receives a patch for CVE-2019-8853 which could allow an application to read restricted memory.Īpple also finally applied a patch for the opensource tcpdump and libpcap networking utilities. The 10.15.2 update brings six patches for what appear to be privilege escalations in, among other APIs and services, CFNetwork Proxies (CVE-2019-8848), the Kernel (CVE-2019-8833, ) and Security (CVE-2019-8832). The Music app restores column browser view for managing the music library, while iTunes Remote now supports using an iOS device to remotely control the Music and TV apps on a Mac. While point updates are not typically opportunities for Apple to add new features, 10.15.2 does bring a small number of user level additions.Īpple News receives a new layout and now carries content from the Wall Street Journal and other “leading newspapers”, while Stocks adds links to related content at the end of articles. So, what’s changed in this update? Let’s take a look and see!Īfter installing the 10.15.2 update, users should find they are now on build 19C57. ![]() This week, Apple dropped the public release of 10.15.2, a full month after showing developers the first beta. It’s been two months since Apple dropped the initial release of macOS Catalina, and after a rapid few supplemental updates and a first point upgrade in the first month, things appear to have slowed down to a normal cadence.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |