Critical Apple Release to Fix Security Vulnerabilities
by Daniel Ruiz
Senior Solutions Architect
Today Apple released several updates for macOS Big Sur 11.6, iOS 14.8, iPadOS 14.8, and watchOS 7.6.2 to fix security vulnerabilities.
The updates fix issues that allows an attacker to bypass Apple’s BlastDoor security sandbox.
- CoreGraphics CVE-2021-30860
- WebKit CVE-2021-30858
- CoreGraphics CVE-2021-30860: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
- Description: An integer overflow was addressed with improved input validation.
- CVE-2021-30860: The Citizen Lab
- WebKit CVE-2021-30858: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have
- Description: A use after free issue was addressed with improved memory management.
- CVE-2021-30858: an anonymous researcher
- iPhone 6s and later
- iPad Pro (all models)
- iPad Air 2 and later
- iPad 5th generation and later
- iPad mini 4 and later
- iPod touch (7th generation)
- macOS Big Sur Desktops and Laptop products
- Apple Watch Series 3 and later
If you would like more information or assistance from our industry leading experts to plan and execute the workaround, please contact us at firstname.lastname@example.org.