[FD] macOS High Sierra 10.13.1 insecure cron system

2017-12-08 Thread Mark Wadham
Recently I was working on a security issue in some other software that has yet to be disclosed which created a rather interesting condition. As a non-root user I was able to write to any file on the system that was not SIP-protected but the resulting file would not be root-owned, even if it pre

[FD] APPLE-SA-2017-12-6-1 macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan

2017-12-08 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-12-6-1 macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan are now available and addres

[FD] APPLE-SA-2017-12-6-2 iOS 11.2

2017-12-08 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-12-6-2 iOS 11.2 iOS 11.2 addresses the following: IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Descript

[FD] APPLE-SA-2017-12-6-3 watchOS 4.2

2017-12-08 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-12-6-3 watchOS 4.2 watchOS 4.2 addresses the following: IOSurface Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was add

[FD] APPLE-SA-2017-12-6-4 tvOS 11.2

2017-12-08 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2017-12-6-4 tvOS 11.2 tvOS 11.2 addresses the following: IOSurface Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruptio

[FD] Follow-up on CVE-2017-8769 - WhatsApp Issues with Media Files

2017-12-08 Thread Nightwatch Cybersecurity Research
[https://wwws.nightwatchcybersecurity.com/2017/05/17/advisory-whatsapp-for-android-privacy-issues-with-handling-of-media-files-cve-2017-8769/] We reported an issue earlier this year to WhatsApp / Facebook, where after deleting chats the media files would be retained on the device. The vendor fixed