Alert GCSA-24163 - Apple Security Updates APPLE-SA-12-11-2024
******************************************************************
Alert ID: GCSA-24163
Data: 12 Dicembre 2024
Titolo: Apple Security Updates APPLE-SA-12-11-2024
******************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti software per risolvere vulnerabilita'
multiple che interessano i propri prodotti.
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-9 Safari 18.2
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
iOS e iPadOS versioni precedenti alla 18.2
iPadOS versioni precedenti alla 17.7.3
macOS Sequoia versioni precedenti alla 15.2
macOS Sonoma versioni precedenti alla 14.7.2
macOS Ventura versioni precedenti alla 13.7.2
watchOS versioni precedenti alla 11.2
tvOS versioni precedenti alla 18.2
visionOS versioni precedenti alla 2.2
Safari versioni precedenti alla 18.1.1
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Denial of Service (DoS)
Information Disclosure (ID)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzione
Patchare il software alle ultime versioni
Aggiornare il software sul Mac
https://support.apple.com/it-it/108382
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
Aggiornare Apple Watch
https://support.apple.com/it-it/108926
Aggiornare Apple TV
https://support.apple.com/it-it/108414
Aggiornare iPhone, iPad o iPod touch
https://support.apple.com/it-it/118575
https://www.apple.com/itunes/
L'aggiornamento e' disponibile tramite iTunes e dal menu
"Aggiornamento software" sul tuo dispositivo iOS,
e non apparira' nell'applicazione "Aggiornamento software"
del tuo computer, o nel sito di download di Apple.
Assicurati di aver installato l'ultima versione di iTunes da
https://www.apple.com/itunes/
:: Riferimenti
Apple Security Releases
https://support.apple.com/100100
Apple Security Updates
https://support.apple.com/en-us/100100
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121838
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121842
https://support.apple.com/en-us/121843
https://support.apple.com/en-us/121844
https://support.apple.com/en-us/121845
https://support.apple.com/en-us/121846
CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2024-138
SANS ISC Diary
https://isc.sans.edu/diary/Apple+Updates+Everything+iOS+iPadOS+macOS+watchOS+tvOS+visionOS/31514/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44225
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44243
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44245
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44246
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44248
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54474
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54476
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54486
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54489
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54490
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54491
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54493
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54498
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54501
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54502
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54504
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54508
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54510
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54526
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54527
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54534
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ1rm3QAKCRDBnEyTZRJg
QjiSAJ4sAnPshbDDX4eSL1UHDmyG/0GhRACfRvSEb5MqAhXvTbmp6KDBfANrt0k=
=Yk+r
-----END PGP SIGNATURE-----
Alert ID: GCSA-24163
Data: 12 Dicembre 2024
Titolo: Apple Security Updates APPLE-SA-12-11-2024
******************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti software per risolvere vulnerabilita'
multiple che interessano i propri prodotti.
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-9 Safari 18.2
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
iOS e iPadOS versioni precedenti alla 18.2
iPadOS versioni precedenti alla 17.7.3
macOS Sequoia versioni precedenti alla 15.2
macOS Sonoma versioni precedenti alla 14.7.2
macOS Ventura versioni precedenti alla 13.7.2
watchOS versioni precedenti alla 11.2
tvOS versioni precedenti alla 18.2
visionOS versioni precedenti alla 2.2
Safari versioni precedenti alla 18.1.1
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Denial of Service (DoS)
Information Disclosure (ID)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzione
Patchare il software alle ultime versioni
Aggiornare il software sul Mac
https://support.apple.com/it-it/108382
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
Aggiornare Apple Watch
https://support.apple.com/it-it/108926
Aggiornare Apple TV
https://support.apple.com/it-it/108414
Aggiornare iPhone, iPad o iPod touch
https://support.apple.com/it-it/118575
https://www.apple.com/itunes/
L'aggiornamento e' disponibile tramite iTunes e dal menu
"Aggiornamento software" sul tuo dispositivo iOS,
e non apparira' nell'applicazione "Aggiornamento software"
del tuo computer, o nel sito di download di Apple.
Assicurati di aver installato l'ultima versione di iTunes da
https://www.apple.com/itunes/
:: Riferimenti
Apple Security Releases
https://support.apple.com/100100
Apple Security Updates
https://support.apple.com/en-us/100100
https://support.apple.com/en-us/121837
https://support.apple.com/en-us/121838
https://support.apple.com/en-us/121839
https://support.apple.com/en-us/121840
https://support.apple.com/en-us/121842
https://support.apple.com/en-us/121843
https://support.apple.com/en-us/121844
https://support.apple.com/en-us/121845
https://support.apple.com/en-us/121846
CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2024-138
SANS ISC Diary
https://isc.sans.edu/diary/Apple+Updates+Everything+iOS+iPadOS+macOS+watchOS+tvOS+visionOS/31514/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44220
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44225
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44243
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44245
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44246
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44248
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44291
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54474
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54476
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54477
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54485
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54486
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54489
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54490
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54491
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54493
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54498
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54501
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54502
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54503
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54504
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54508
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54510
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54513
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54514
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54515
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54526
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54527
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54534
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ1rm3QAKCRDBnEyTZRJg
QjiSAJ4sAnPshbDDX4eSL1UHDmyG/0GhRACfRvSEb5MqAhXvTbmp6KDBfANrt0k=
=Yk+r
-----END PGP SIGNATURE-----