Apple has released 11 security advisories in May 2020 to different software components of their major operating systems (MacOS, iOS and WatchOS). Users of their products are urged to apply the security updates as soon as they are available. The company is still working on some of the patches and details will be released soon.
Apple Publishes New Security Alerts in May 2020
Apple has just released security advisories of software and operating systems that they are developing. Some of them are still under development, however soon all patches of the batch will be available. The fixes which are released for the company’s software is for Microsoft Windows while others are for macOS and watchOS.
One of the addressed issues is described as a Microsoft Windows DLL loading bug in apps developed by Apple. In most cases this will lead to the loading of untrusted components. This can become an attack scenario if such data is delivered to the target computers. Through the exploitation of these programs malicious commands and files can be run on the host computers.
This monthly release of security advisories shows that cross-platform vulnerabilities are still considered a top threat to watch out for. An example is the iCloud application — the Windows version is affected, as well as other audio related tasks on macOS.
The discovered weaknesses in macOS may cause serious system disruptions, some of the more worrying ones include the following:
- Operating System Manipulation — The vulnerable applications can cause system crashes, write to the OS kernel memory or execute code with administrative privileges. This can cause a deep infection or serious disruption.
- Network Surveillance — The bugs can be exploited in order to monitor the inbound and outgoing traffic from the computers. When the hosts are part of a wider network all passing through data can also be intercepted. This also works for Bluetooth connections.
- Dangerous Local Attacks — Among the dangerous actions that can be run by the Apple software includes the inducing of crashes, bypassing security countermeasures and modifying personal user preferences and system configuration. This can be done to deploy other malware or cause severe performance and usability issues.
- Services, Apps and System Interaction — Through the hookups made by the malware code the hackers can interact with opened browser windows, hijack stored data and manipulate applications.
We advise all Apple users to apply the patches as soon as they are released. For more information you can read visit Apple’s security updates portal.