Passa ai contenuti principali

Cerca nel blog

alerts.gdaverio.it

alerts.gdaverio.it

Alert GCSA-21047 - Apple Security Updates APPLE-SA-2021-04-26

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-21047
Data: 28 Aprile 2021
Titolo: Apple Security Updates APPLE-SA-2021-04-26

******************************************************************

:: Descrizione

Apple ha rilasciato un aggiornamento di sicurezza che risolve diverse
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.

Le vulnerabilita' vengono attualmente sfruttata.

Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.

:: Software interessato

iCloud per Windows precedente alla 12.3
Xcode precedente alla 12.5
Safari precedente alla 14.1
macOS Big Sur precedente alla 11.3
macOS Catalina precedente al security update 2021-002
macOS Mojave precedente al security update 2021-003
iOS precedente alla 14.5
iPadOS precedente alla 14.5
watchOS precedente alla 7.4
tvOS precedente alla 14.5
iTunes precedente alla 12.11.3
GarageBand precedente alla 10.4.3

:: Impatto

Esecuzione da remoto di codice arbitrario nel contesto dell'applicazione
Accesso a dati sensibili
Escalation di privilegi

:: Soluzione

Aggiornare i software alle seguenti versioni:

iCloud per windows alla 12.3
Xcode alla 12.5
Safari alla 14.1
macOS Big Sur alla 11.3
macOS Catalina applicare il security update 2021-002
macOS Mojave applicare il security update 2021-003
iOS alla 14.5
iPadOS alla 14.5
watchOS alla 7.4
tvOS alla 14.5
iTunes alla 12.11.3
GarageBand alla 10.4.3

:: Riferimenti

Apple security updates
https://support.apple.com/en-us/HT201222
https://support.apple.com/en-us/HT212299
https://support.apple.com/en-us/HT212317
https://support.apple.com/en-us/HT212318
https://support.apple.com/en-us/HT212319
https://support.apple.com/en-us/HT212320
https://support.apple.com/en-us/HT212321
https://support.apple.com/en-us/HT212323
https://support.apple.com/en-us/HT212324
https://support.apple.com/en-us/HT212325
https://support.apple.com/en-us/HT212326
https://support.apple.com/en-us/HT212327

US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/04/27/apple-releases-security-updates

Bleeping Computer:
https://www.bleepingcomputer.com/news/security/apple-fixes-macos-zero-day-bug-exploited-by-shlayer-malware/

CSIRT Italia
https://csirt.gov.it/contenuti/apple-corregge-vulnerabilita-0-day-in-big-sur-al01-210427-csirt-ita

Mitre CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8037
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1811
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1814
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1820
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1822
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1829
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1830
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1831
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1832
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1849
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1859
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1861
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1874
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1877
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1878
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1884
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1885
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-7463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-8285
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-8286
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30653
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30659
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30660
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30661

GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYIkWUgAKCRDBnEyTZRJg
Qmb+AKDZVB9sA/dw5KwHOzQSvtc9HsXSEwCg1FyOHBk14dRG2Z4IZh/quGcYa1Q=
=dLGv
-----END PGP SIGNATURE-----

apple

Ottieni link
Facebook
Twitter
Pinterest
Email
Altre app

Gianandrea Daverio
Cyber Security Professional

HOME PAGE
ABOUT MYSELF
CYBERSECURITY
GARAGE STUFFS
PRESS ROOM
BLOG
CONTACT

© Copyright 2023 | All rights reserved | Gianandrea Daverio | Privacy

LAST MONTH VISITORS

Powered by Blogger

ABOUT MYSELF

ARCHIVIO BLOG

.

mag 202411
apr 202411
mar 202419
feb 202417
gen 202415
dic 202312
nov 20239
ott 202319
set 202316
ago 202317

Mostra di più Mostra di meno

COVERED TOPICS

.

chrome
microsoft
mozilla
apple
microsoft edge
adobe
gitlab
apache
oracle
drupal

moodle
bind
fortinet
openssl
joomla
magento
qnap
wordpress
samba
microsoft 365
atlassian
cisco
zoom
exim
anydesk
docker
kubernetes
openssh
owncloud
paloalto
php
sonicwall
vmware

Mostra di più Mostra di meno