Security Market Segment LS
Thursday, 16 July 2020 13:17

Apple updates deliver fixes and features

By

Another round of updates from Apple delivers some new features and plugs a range of security vulnerabilities in the company's operating systems and Safari web browser.

macOS Catalina 10.15.6 and the corresponding security updates for Mojave and High Sierra patch a variety of flaws, several of which could allow arbitrary code execution (bad) or arbitrary code execution with kernel privileges (really bad).

Most of the fixes are specific to Catalina. One is just for High Sierra (fixing a CoreAudio issue that allowed a buffer overflow), and one is for High Sierra and Mojave (a new version of Vim to prevent arbitrary code execution).

Catalina 10.15.6 includes improvements to Apple News (including more extensive local coverage for a handful of US cities, additional sources for Apple News+, and personalisation of the daily newsletter), a new option to optimise video streaming on HDR-compatible Mac notebooks for improved battery life, improvements to USB mouse and trackpad handling, and a fix for an issue that could cause the software update process to change the computer's name.

Changes aimed at enterprise customers include fixing an issue that could cause passwords containing certain characters to be rejected at the login window when using a non-US keyboard layout, extended support (in certain contexts) for certificates issued by the recently expired AddTrust External CA Root, and the ability to hide major new releases of macOS from managed Macs.

Safari 13.1.2 is part of Catalina 10.15.6 and also available for Mojave and High Sierra.

It addresses 11 issues, some of which can be remotely exploited to execute arbitrary code.

As usual, there is a degree of overlap between the fixes for macOS and those for iOS and iPadOS.

iOS 13.6 and iPadOS 13.6 address a total of 29 issues that could be variously exploited to execute arbitrary code, view sensitive information, and allow cross-site scripting, among others.

Changes include the much-heralded arrival of digital car keys (initially for very recently made BMWs, and including key sharing via Messages and a 'power reserve' allowing keys to be used up to five hours after the phone's battery runs out), the same Apple News improvements as in Catalina 10.16.6 (plus audio news), a 'symptoms' category in the Health app, and various changes and fixes relating to software updates, iCloud Drive, Wi-Fi calling, and other features.

watchOS 6.2.8's and tvOS 13.4.8's lists of fixes are shorter, but have a lot of commonality with those for the other operating systems.

watchOS 6.2.8 supports the digital car key feature on Apple Watch Series 5 or newer.

There is no indication at this stage that tvOS 13.4.8 delivers anything other than patches for security and other bugs.

The macOS updates are available via System Preferences, the iOS/iPadOS and tvOS updates via Settings, and the watchOS update via the Apple Watch app on iPhone.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments