The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said it's working towards implementing end-to-end encryption (E2EE) to secure messages sent between the Android and iOS ecosystems.
"The next major milestone is for the RCS Universal Profile to add important user protections such as interoperable end-to-end

Mobile Security / Encryption

The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said it's working towards implementing end-to-end encryption (E2EE) to secure messages sent between the Android and iOS ecosystems.

"The next major milestone is for the RCS Universal Profile to add important user protections such as interoperable end-to-end encryption," Tom Van Pelt, technical director of GSMA, said.

"This will be the first deployment of standardized, interoperable messaging encryption between different computing platforms, addressing significant technical challenges such as key federation and cryptographically-enforced group membership."

The development comes a day after Apple officially rolled out iOS 18 with support for RCS in its Messages app, which comes with advanced features like message reactions, typing indications, read receipts, and high-quality media sharing, among others.

RCS, an improvement over the current SMS standard, is currently not end-to-end encrypted out of the box, prompting Google to implement the Signal protocol to secure RCS conversations on Android.

Earlier this year, Apple said it will work with GSMA members to integrate encryption. It's worth noting that the company's proprietary iMessage service is E2EE enabled.

"We look forward to continuing to collaborate across the mobile ecosystem to advance the RCS standard with interoperable end-to-end encryption to keep all RCS messages private and secure," Van Pelt said.

Google, last July, also revealed plans for baking the Message Layer Security (MLS) protocol to its Messages app for Android in order to facilitate interoperability across messaging services and platforms.

As recently as this month, Meta detailed its approach to enable interoperability with third-party messaging services in WhatsApp and Facebook Messenger as part of its efforts to comply with the E.U. Digital Markets Act (DMA) while maintaining E2EE guarantees "as far as possible."

"Building third-party chats is technically challenging and preserving privacy and security is a shared responsibility," the social media company said. "We have already come a long way, but there is a lot more to build."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos.

Source: Bjanka Kadic via Alamy Stock Photo

A zero-click chain of critical-, medium-, and low-severity vulnerabilities in macOS could have allowed attackers to undermine macOS's brand name security protections and ultimately compromise victims' iCloud data.

The story begins with a lack of sanitization of files attached to Calendar events. From there, researcher Mikko Kenttälä discovered he could achieve remote code execution (RCE) on targeted systems, and access sensitive data — in his experiments, he used iCloud Photos. No step in the process required any user interaction, and neither Apple's Gatekeeper nor Transparency, Consent, and Control (TCC) protections could stop it.

**Zero-Click Exploit Chain in macOS**

The all-important first bug in the chain — CVE-2022-46723 — was awarded a "critical" 9.8 out of 10 CVSS score back in February 2023.

It wasn't just dangerous, it was simple to exploit. An attacker could simply send the victim a calendar invite containing a malicious file. Because macOS failed to properly vet the filename, the attacker could name it arbitrarily, to variously interesting effect.

For example, they could name it with the goal of deleting a specific, preexisting system file. If they gave it the same name as an existing file, then deleted the calendar event through which they delivered it, the system would delete both the malicious file and the original file it mimicked, for whatever reason.

More dangerous was the potential for an attacker to perform path traversal, naming their attachment in such a way that would allow it to escape the Calendar's sandbox, where attached files are supposed to be saved, to other locations on the system.

Kenttälä used this arbitrary file write power to take advantage of an operating system upgrade (at the time of discovery, macOS Ventura was about to be released). First, he created a file mimicking a Siri-suggested repeating calendar event, hiding alerts that would trigger the execution of further files during a migration. One of those follow-on files was responsible for migrating old calendar data to the new system. Another allowed him to mount a network share from Samba, the open source Server Message Block (SMB) protocol, without triggering a security flag. Another two files triggered the launch of a malicious app.

**Undermining Apple's Native Security Controls**

The malicious app snuck in without raising any alarm, thanks to a bypass in macOS's Gatekeeper security feature — the thing standing in the way of Mac systems and untrusted apps. Labeled CVE-2023-40344, it was assigned a medium-severity 5.5 out of 10 CVSS rating back in January 2024.

Gatekeeper, though, wasn't the only signature macOS security feature undermined in the attack. Using a script launched by the malicious app, Kenttälä successfully replaced the configuration file associated with iCloud Photos with a malicious one. This re-pointed Photos to a custom path, outside of the protection of TCC, the protocol macOS uses to ensure apps don't improperly access sensitive data and resources. The re-pointing, CVE-2023-40434 — with a "low" 3.3 CVSS severity score — opened the door to wanton theft of photos, which could be exfiltrated to foreign servers with "trivial modifications."

"MacOS's Gatekeeper and TCC are critical for ensuring only trusted software is installed and managing access to sensitive data," explains Callie Guenther, senior manager of cyber threat research for Critical Start. "However, the zero-click vulnerability in macOS Calendar showed how attackers can bypass these protections by exploiting sandbox processes." Guenther notes, though, that macOS isn't uniquely vulnerable to these types of attacks: "Similar vulnerabilities exist in Windows, where Device Guard and SmartScreen can be bypassed using techniques like privilege escalation or exploiting kernel vulnerabilities."

For example, she adds, "Attackers have used DLL hijacking or sandbox escape methods to defeat Windows security controls. Both operating systems rely on robust security frameworks, but persistent adversaries — especially APT groups — find ways to bypass these defenses."

Apple acknowledged and patched the many vulnerabilities in the exploit chain at various points between October 2022 and September 2023.

Don't miss the latest Dark Reading Confidential podcast, where we talk to two cybersecurity professionals who were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their pen-testing jobs. Listen now!

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data

Despite more US sanctions against spyware operators, Apple decided the cost in terms of disclosures about its own anti-spyware efforts was too great.

Source: stLegat via Alamy Stock Photo

Stopping the spread of commercial spyware is shaping up to be too big of a job even for tech titans like Apple.

The company dropped its years-long legal effort against Pegasus spyware dealer NSO Group, declining to hand over sensitive threat intelligence that it said could be used by adversaries against its own security defenses.

Pegasus spyware is a zero-click espionage malware deployed against iPhones, including that of Russian journalist Galina Timchenko, among others.

Meanwhile, international governments continue to hammer individuals and entities affiliated with commercial spyware operations with sweeping sanctions that have have little effect, leaving the digital espionage market wide open for investors, operators, and dictators around the globe.

Cupertino's brass is also encouraged by the work the US, international governments, and the tech sector at large have done to fight the rise of commercial spyware, Apple explained in its Sept. 13 motion to dismiss.

"When it filed this lawsuit nearly three years ago, Apple recognized that it would involve sharing information with third parties," Apple said. "Because of the developments since this suit was filed, proceeding forward at this time would now present too significant a risk to Apple's threat intelligence program."

Apple laid out other factors in the changed the landscape that made it increasingly dangerous for the company to release sensitive information.

First, Apple claimed that in the years since it first brought legal action against NSO Group it has continued to develop its threat intelligence to actively defend its users from threat actors. Handing over details about how Apple fights spyware to known spyware operators would be a bad idea. Apple added that NSO Group had been stingy with disclosures it made during the case's discovery process.

Further, Apple noted the commercial spyware sector has become more decentralized and that NSO Group is no longer a single actor in the cyber-espionage space; any action against the Israeli company would simply strengthen other spyware sellers as authoritarian governments pivot from Pegasus to numerous competing spyware brands.

Finally, Apple explained to the court that international governments have come around in the past three years and taken up the fight against spyware and the threat it poses to human rights around the world.

**Spyware Sanctions Aren't Working**

As if on cue, the US Department of the Treasury dropped a new round of sanctions just days later, on Sept. 16, this time against what the department calls "enablers" of the Intellexa commercial spyware consortium, identified to be behind Predator spyware. Sanctioned individuals include Felix Bitzios, Andrea Nicola Constantino Hermes Gambazzi, Merom Harpaz, Panagiota Karaoli, Artemis Artemiou, and the Aliada Group Inc.

These sanctions prohibit any US transactions with those named as well as any entities in which they own 50% or more, bar them from obtaining a US visa, and more.

But research shows sanctions have had little impact on stymieing the broader commercial spyware market. Digital eavesdropping continues to be deployed against diplomats, journalists, and ordinary citizens and vendors while intelligence gatherers have improved their ability to operate in the shadows, easily gaming sanctions and restrictions.

This past March, two individuals and five entities the US government said were associated with Predator mobile spyware operators were sanctioned as a result of Predator's network and infrastructure's spread into Botswana and the Philippines.

Nonetheless, it seems the cost of stopping spyware in the courtroom is too high even for the deepest-pocketed actors like Apple. Instead Apple said it will dig in on defense and leave offense to the feds.

"Apple has made the decision to prioritize its expert security resources and advanced threat-intelligence program to continue to stop destructive spyware through technical methods," the company said.

Apple Abandons Spyware Suit to Avoid Sharing Cyber Secrets

Apple Security Advisory 09-16-2024-10 - macOS Ventura 13.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-09-16-2024-10 macOS Ventura 13.7

macOS Ventura 13.7 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/121234.

Apple maintains a Security Releases page at  
https://support.apple.com/100100 which lists recent  
software updates with security advisories.

Accounts  
Available for: macOS Ventura  
Impact: An app may be able to leak sensitive user information  
Description: The issue was addressed with improved checks.  
CVE-2024-44129

App Intents  
Available for: macOS Ventura  
Impact: An app may be able to access sensitive data logged when a  
shortcut fails to launch another app  
Description: This issue was addressed with improved redaction of  
sensitive information.  
CVE-2024-44182: Kirin (@Pwnrin)

AppKit  
Available for: macOS Ventura  
Impact: An unprivileged app may be able to log keystrokes in other apps  
including those using secure input mode  
Description: A logic issue was addressed with improved restrictions.  
CVE-2024-27886: Stephan Casas, an anonymous researcher

AppleMobileFileIntegrity  
Available for: macOS Ventura  
Impact: An app may be able to access sensitive user data  
Description: The issue was addressed with additional code-signing  
restrictions.  
CVE-2024-40847: Mickey Jin (@patch1t)

AppleMobileFileIntegrity  
Available for: macOS Ventura  
Impact: An app may be able to bypass Privacy preferences  
Description: A downgrade issue was addressed with additional code-  
signing restrictions.  
CVE-2024-40814: Mickey Jin (@patch1t)

AppleMobileFileIntegrity  
Available for: macOS Ventura  
Impact: An app may be able to bypass Privacy preferences  
Description: This issue was addressed with improved checks.  
CVE-2024-44164: Mickey Jin (@patch1t)

AppleMobileFileIntegrity  
Available for: macOS Ventura  
Impact: An app may be able to modify protected parts of the file system  
Description: A library injection issue was addressed with additional  
restrictions.  
CVE-2024-44168: Claudio Bozzato and Francesco Benvenuto of Cisco Talos

AppleMobileFileIntegrity  
Available for: macOS Ventura  
Impact: An attacker may be able to read sensitive information  
Description: A downgrade issue was addressed with additional code-  
signing restrictions.  
CVE-2024-40848: Mickey Jin (@patch1t)

Automator  
Available for: macOS Ventura  
Impact: An Automator Quick Action workflow may be able to bypass  
Gatekeeper  
Description: This issue was addressed by adding an additional prompt for  
user consent.  
CVE-2024-44128: Anton Boegler

bless  
Available for: macOS Ventura  
Impact: An app may be able to modify protected parts of the file system  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-44151: Mickey Jin (@patch1t)

Compression  
Available for: macOS Ventura  
Impact: Unpacking a maliciously crafted archive may allow an attacker to  
write arbitrary files  
Description: A race condition was addressed with improved locking.  
CVE-2024-27876: Snoolie Keffaber (@0xilis)

Dock  
Available for: macOS Ventura  
Impact: An app may be able to access user-sensitive data  
Description: A privacy issue was addressed by removing sensitive data.  
CVE-2024-44177: an anonymous researcher

Game Center  
Available for: macOS Ventura  
Impact: An app may be able to access user-sensitive data  
Description: A file access issue was addressed with improved input  
validation.  
CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO  
Available for: macOS Ventura  
Impact: Processing an image may lead to a denial-of-service  
Description: An out-of-bounds access issue was addressed with improved  
bounds checking.  
CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero  
Day Initiative, an anonymous researcher

Intel Graphics Driver  
Available for: macOS Ventura  
Impact: Processing a maliciously crafted texture may lead to unexpected  
app termination  
Description: A buffer overflow issue was addressed with improved memory  
handling.  
CVE-2024-44160: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

Intel Graphics Driver  
Available for: macOS Ventura  
Impact: Processing a maliciously crafted texture may lead to unexpected  
app termination  
Description: An out-of-bounds read was addressed with improved bounds  
checking.  
CVE-2024-44161: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

IOSurfaceAccelerator  
Available for: macOS Ventura  
Impact: An app may be able to cause unexpected system termination  
Description: The issue was addressed with improved memory handling.  
CVE-2024-44169: Antonio Zekić

Kernel  
Available for: macOS Ventura  
Impact: Network traffic may leak outside a VPN tunnel  
Description: A logic issue was addressed with improved checks.  
CVE-2024-44165: Andrew Lytvynov

Mail Accounts  
Available for: macOS Ventura  
Impact: An app may be able to access information about a user's contacts  
Description: A privacy issue was addressed with improved private data  
redaction for log entries.  
CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)

Maps  
Available for: macOS Ventura  
Impact: An app may be able to read sensitive location information  
Description: An issue was addressed with improved handling of temporary  
files.  
CVE-2024-44181: Kirin(@Pwnrin) and LFY(@secsys) from Fudan University

mDNSResponder  
Available for: macOS Ventura  
Impact: An app may be able to cause a denial-of-service  
Description: A logic error was addressed with improved error handling.  
CVE-2024-44183: Olivier Levon

Notes  
Available for: macOS Ventura  
Impact: An app may be able to overwrite arbitrary files  
Description: This issue was addressed by removing the vulnerable code.  
CVE-2024-44167: ajajfxhj

PackageKit  
Available for: macOS Ventura  
Impact: An app may be able to modify protected parts of the file system  
Description: This issue was addressed with improved validation of  
symlinks.  
CVE-2024-44178: Mickey Jin (@patch1t)

Safari  
Available for: macOS Ventura  
Impact: Visiting a malicious website may lead to user interface spoofing  
Description: This issue was addressed through improved state management.  
CVE-2024-40797: Rifa'i Rejal Maynando

Sandbox  
Available for: macOS Ventura  
Impact: A malicious application may be able to access private  
information  
Description: The issue was addressed with improved checks.  
CVE-2024-44163: Zhongquan Li (@Guluisacat)

Shortcuts  
Available for: macOS Ventura  
Impact: A shortcut may output sensitive user data without consent  
Description: This issue was addressed with improved redaction of  
sensitive information.  
CVE-2024-44158: Kirin (@Pwnrin)

Shortcuts  
Available for: macOS Ventura  
Impact: An app may be able to observe data displayed to the user by  
Shortcuts  
Description: A privacy issue was addressed with improved handling of  
temporary files.  
CVE-2024-40844: Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSea

System Settings  
Available for: macOS Ventura  
Impact: An app may be able to access user-sensitive data  
Description: A privacy issue was addressed with improved private data  
redaction for log entries.  
CVE-2024-44166: Kirin (@Pwnrin) and LFY (@secsys) from Fudan University

System Settings  
Available for: macOS Ventura  
Impact: An app may be able to read arbitrary files  
Description: A path handling issue was addressed with improved  
validation.  
CVE-2024-44190: Rodolphe BRUNETTI (@eisw0lf)

Transparency  
Available for: macOS Ventura  
Impact: An app may be able to access user-sensitive data  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)

Additional recognition

Airport  
We would like to acknowledge David Dudok de Wit for their assistance.

macOS Ventura 13.7 may be obtained from the Mac App Store or Apple's  
Software Downloads web site: https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases  
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmboy2sACgkQX+5d1TXa  
IvoOmhAA1kPpqqhEBRbskSU4pFIfX+JY/MyIrnI+6pNgMk3CLhQ5SSx0aFS2tg/c  
We70hoiTA8eWMvRkYr8KYNriNstqCivg7iq84Gv4/ycJ9Hx4Zwj6pZh5If1H8y+Q  
3NVsvLgnmvnAb6W7MvpXtgma47vA5xRe2oefCNe6QbcC2qnQ2xaspBZtH805IkAi  
WznXdr7UXmjJyfjlgp2FifyiLYQoPXPGFOLKkBURDCxaH4SJidgvzxerU+B+1ju9  
dqW29eQwTjG+qhXncTuxfUSuQ5s7g5XfVqfvcTQihUk+ZjWaMYOaUT2UYlAgDfg5  
Mq35kP/Hvh8zmf+Ryufl3D+qfKpyVUUJUKu+kEMbOIoIMkCzM4F0G30czaKiGCA+  
tJCEtsY/oxcbEcy8DLQbesPCv5Hf1Gv2fMkP3p/6CAYqXQ1mXQF0Vm2erKRqS+yD  
N2+M+r/GFzvK4i9bf6j10kDgv9PRxPs+pH9zuU85cwhT+jZzr2dkvTC9p+mI+5CJ  
AZ7ZMgTLbXDw2M4d4e6mEV3XbJ5ebNqQv9t0Hfbg3pf8YVEeAO0casIPopLK6fqi  
uS7gn/3PL9C1HS2gqlekYuwiP0DSleKk9qCDUVVfmAAxTA1vHKvtvlRBO0ykN7HI  
NmX+8AuFy8jnZRmZWXIbav1/EdWYg7e5SLCD+pemYLcMYSoSNXg=  
=YxVI  
-----END PGP SIGNATURE-----

Apple Security Advisory 09-16-2024-10

Apple Security Advisory 09-16-2024-9 - macOS Sonoma 14.7 addresses buffer overflow, bypass, out of bounds access, out of bounds read, out of bounds write, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-09-16-2024-9 macOS Sonoma 14.7

macOS Sonoma 14.7 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/121247.

Apple maintains a Security Releases page at  
https://support.apple.com/100100 which lists recent  
software updates with security advisories.

Accounts  
Available for: macOS Sonoma  
Impact: An app may be able to access user-sensitive data  
Description: The issue was addressed with improved permissions logic.  
CVE-2024-44153: Mickey Jin (@patch1t)

App Intents  
Available for: macOS Sonoma  
Impact: An app may be able to access sensitive data logged when a  
shortcut fails to launch another app  
Description: This issue was addressed with improved redaction of  
sensitive information.  
CVE-2024-44182: Kirin (@Pwnrin)

AppleGraphicsControl  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted video file may lead to  
unexpected app termination  
Description: The issue was addressed with improved memory handling.  
CVE-2024-40846: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative  
CVE-2024-40845: Pwn2car working with Trend Micro Zero Day Initiative

AppleGraphicsControl  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted file may lead to unexpected app  
termination  
Description: A memory initialization issue was addressed with improved  
memory handling.  
CVE-2024-44154: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

AppleMobileFileIntegrity  
Available for: macOS Sonoma  
Impact: An app may be able to access sensitive user data  
Description: The issue was addressed with additional code-signing  
restrictions.  
CVE-2024-40847: Mickey Jin (@patch1t)

AppleMobileFileIntegrity  
Available for: macOS Sonoma  
Impact: An app may be able to bypass Privacy preferences  
Description: This issue was addressed with improved checks.  
CVE-2024-44164: Mickey Jin (@patch1t)

AppleMobileFileIntegrity  
Available for: macOS Sonoma  
Impact: An app may be able to modify protected parts of the file system  
Description: A library injection issue was addressed with additional  
restrictions.  
CVE-2024-44168: Claudio Bozzato and Francesco Benvenuto of Cisco Talos

AppleMobileFileIntegrity  
Available for: macOS Sonoma  
Impact: An attacker may be able to read sensitive information  
Description: A downgrade issue was addressed with additional code-  
signing restrictions.  
CVE-2024-40848: Mickey Jin (@patch1t)

AppleVA  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted video file may lead to  
unexpected app termination  
Description: An out-of-bounds write issue was addressed with improved  
bounds checking.  
CVE-2024-40841: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

AppSandbox  
Available for: macOS Sonoma  
Impact: An app may be able to access protected files within an App  
Sandbox container  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-44135: Mickey Jin (@patch1t)

Automator  
Available for: macOS Sonoma  
Impact: An Automator Quick Action workflow may be able to bypass  
Gatekeeper  
Description: This issue was addressed by adding an additional prompt for  
user consent.  
CVE-2024-44128: Anton Boegler

bless  
Available for: macOS Sonoma  
Impact: An app may be able to modify protected parts of the file system  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-44151: Mickey Jin (@patch1t)

Compression  
Available for: macOS Sonoma  
Impact: Unpacking a maliciously crafted archive may allow an attacker to  
write arbitrary files  
Description: A race condition was addressed with improved locking.  
CVE-2024-27876: Snoolie Keffaber (@0xilis)

Dock  
Available for: macOS Sonoma  
Impact: An app may be able to access user-sensitive data  
Description: A privacy issue was addressed by removing sensitive data.  
CVE-2024-44177: an anonymous researcher

Game Center  
Available for: macOS Sonoma  
Impact: An app may be able to access user-sensitive data  
Description: A file access issue was addressed with improved input  
validation.  
CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted file may lead to unexpected app  
termination  
Description: An out-of-bounds read issue was addressed with improved  
input validation.  
CVE-2024-27880: Junsung Lee

ImageIO  
Available for: macOS Sonoma  
Impact: Processing an image may lead to a denial-of-service  
Description: An out-of-bounds access issue was addressed with improved  
bounds checking.  
CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero  
Day Initiative, an anonymous researcher

Intel Graphics Driver  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted texture may lead to unexpected  
app termination  
Description: A buffer overflow issue was addressed with improved memory  
handling.  
CVE-2024-44160: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

Intel Graphics Driver  
Available for: macOS Sonoma  
Impact: Processing a maliciously crafted texture may lead to unexpected  
app termination  
Description: An out-of-bounds read was addressed with improved bounds  
checking.  
CVE-2024-44161: Michael DePlante (@izobashi) of Trend Micro Zero Day  
Initiative

IOSurfaceAccelerator  
Available for: macOS Sonoma  
Impact: An app may be able to cause unexpected system termination  
Description: The issue was addressed with improved memory handling.  
CVE-2024-44169: Antonio Zekić

Kernel  
Available for: macOS Sonoma  
Impact: Network traffic may leak outside a VPN tunnel  
Description: A logic issue was addressed with improved checks.  
CVE-2024-44165: Andrew Lytvynov

Mail Accounts  
Available for: macOS Sonoma  
Impact: An app may be able to access information about a user's contacts  
Description: A privacy issue was addressed with improved private data  
redaction for log entries.  
CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)

Maps  
Available for: macOS Sonoma  
Impact: An app may be able to read sensitive location information  
Description: An issue was addressed with improved handling of temporary  
files.  
CVE-2024-44181: Kirin(@Pwnrin) and LFY(@secsys) from Fudan University

mDNSResponder  
Available for: macOS Sonoma  
Impact: An app may be able to cause a denial-of-service  
Description: A logic error was addressed with improved error handling.  
CVE-2024-44183: Olivier Levon

Notes  
Available for: macOS Sonoma  
Impact: An app may be able to overwrite arbitrary files  
Description: This issue was addressed by removing the vulnerable code.  
CVE-2024-44167: ajajfxhj

PackageKit  
Available for: macOS Sonoma  
Impact: An app may be able to modify protected parts of the file system  
Description: This issue was addressed with improved validation of  
symlinks.  
CVE-2024-44178: Mickey Jin (@patch1t)

Safari  
Available for: macOS Sonoma  
Impact: Visiting a malicious website may lead to user interface spoofing  
Description: This issue was addressed through improved state management.  
CVE-2024-40797: Rifa'i Rejal Maynando

Sandbox  
Available for: macOS Sonoma  
Impact: A malicious application may be able to access private  
information  
Description: The issue was addressed with improved checks.  
CVE-2024-44163: Zhongquan Li (@Guluisacat)

Sandbox  
Available for: macOS Sonoma  
Impact: A malicious application may be able to leak sensitive user  
information  
Description: The issue was addressed with improved checks.  
CVE-2024-44125: Zhongquan Li (@Guluisacat)

Security Initialization  
Available for: macOS Sonoma  
Impact: An app may be able to access protected user data  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-40801: Zhongquan Li (@Guluisacat), Pedro José Pereira Vieito  
(@pvieito), an anonymous researcher

Shortcuts  
Available for: macOS Sonoma  
Impact: A shortcut may output sensitive user data without consent  
Description: This issue was addressed with improved redaction of  
sensitive information.  
CVE-2024-44158: Kirin (@Pwnrin)

Shortcuts  
Available for: macOS Sonoma  
Impact: An app may be able to observe data displayed to the user by  
Shortcuts  
Description: A privacy issue was addressed with improved handling of  
temporary files.  
CVE-2024-40844: Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSea

sudo  
Available for: macOS Sonoma  
Impact: An app may be able to modify protected parts of the file system  
Description: A logic issue was addressed with improved checks.  
CVE-2024-40860: Arsenii Kostromin (0x3c3e)

System Settings  
Available for: macOS Sonoma  
Impact: An app may be able to access user-sensitive data  
Description: A privacy issue was addressed with improved private data  
redaction for log entries.  
CVE-2024-44166: Kirin (@Pwnrin) and LFY (@secsys) from Fudan University

System Settings  
Available for: macOS Sonoma  
Impact: An app may be able to read arbitrary files  
Description: A path handling issue was addressed with improved  
validation.  
CVE-2024-44190: Rodolphe BRUNETTI (@eisw0lf)

Transparency  
Available for: macOS Sonoma  
Impact: An app may be able to access user-sensitive data  
Description: A permissions issue was addressed with additional  
restrictions.  
CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)

Additional recognition

Airport  
We would like to acknowledge David Dudok de Wit for their assistance.

macOS Sonoma 14.7 may be obtained from the Mac App Store or Apple's  
Software Downloads web site: https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases  
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmboywEACgkQX+5d1TXa  
IvrDjxAA2tgRLOOTvFpZrVW/HEBxwCFUn7UkzXyfgUTuqntjSvmsc/pyVmPDpnOM  
UnLhZ4d3B6v44MSelhxSbomtGkggQfYAvcNmlPDk+yMMS0K5yRBJ3dobEt4e53Wj  
9DQl2cQfHxop3uaLRFRTRy5Wk46xIZcsPS3Obb0kLAZpnzD1K2UQ5tIgEVF2ETqi  
SaRlrjqsgiauG/qZ8pzJjQSB1/iNBJCf4TBMBmHHJ91zAVOiYxvVcIAcBl1cBK4m  
UU6Z0vF1NmNCTAu/8KPP0Y6AD5tM7ZrkotU1yTP8uey4r3Ec8XrZqzhTH05sMI5V  
Xt98UeRNl2EJQAJR2Wjfsa2u255SvJ9VJpOGpTff9npsP5c6a7fup2mcKSVmCJHG  
FxFoU9WC2Lx2fsb7kBZXx5y4+/lwKBh8gQBkqOB4vttUZIYwp/rwXJtBvwkSb3E+  
2MTYly0SAAAbwrGoImKsskbiOxB+Ebry2cZ4Rg8rKKwQIfpjpgCb2U97Ue1zCU/S  
lHCObpyD0HtDD13zYw3NXfbrcWS195WhLdgtVl9XJz90pQQwdcINzubGhILmabpl  
Q+QXoSuKNi0ooy9qO8yEmQdzF0swD/FZMqTmF6FFtFby4NpY6ooapHHyhJOGeqSn  
/Poj2T/Ay/xaX7VL2fUPU9n0KTNtp+HgvgpzMX31HpBNXo/96Eo=  
=YUrh  
-----END PGP SIGNATURE-----

Apple Security Advisory 09-16-2024-9

Apple Security Advisory 09-16-2024-8 - iOS 17.7 and iPadOS 17.7 addresses bypass, out of bounds access, and out of bounds read vulnerabilities.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-09-16-2024-8 iOS 17.7 and iPadOS 17.7iOS 17.7 and iPadOS 17.7 addresses the following issues.Information about the security content is also available athttps://support.apple.com/121246.Apple maintains a Security Releases page athttps://support.apple.com/100100 which lists recentsoftware updates with security advisories.AccessibilityAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An attacker with physical access to a locked device may be ableto Control Nearby Devices via accessibility featuresDescription: This issue was addressed through improved state management.CVE-2024-44171: Jake DerouinCompressionAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: Unpacking a maliciously crafted archive may allow an attacker towrite arbitrary filesDescription: A race condition was addressed with improved locking.CVE-2024-27876: Snoolie Keffaber (@0xilis)Game CenterAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to access user-sensitive dataDescription: A file access issue was addressed with improved inputvalidation.CVE-2024-40850: Denis Tokarev (@illusionofcha0s)ImageIOAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: Processing a maliciously crafted file may lead to unexpected appterminationDescription: An out-of-bounds read issue was addressed with improvedinput validation.CVE-2024-27880: Junsung LeeImageIOAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: Processing an image may lead to a denial-of-serviceDescription: An out-of-bounds access issue was addressed with improvedbounds checking.CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro ZeroDay Initiative, an anonymous researcherIOSurfaceAcceleratorAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to cause unexpected system terminationDescription: The issue was addressed with improved memory handling.CVE-2024-44169: Antonio ZekićKernelAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: Network traffic may leak outside a VPN tunnelDescription: A logic issue was addressed with improved checks.CVE-2024-44165: Andrew LytvynovKernelAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may gain unauthorized access to BluetoothDescription: This issue was addressed through improved state management.CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven(@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy VanhoefMail AccountsAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to access information about a user's contactsDescription: A privacy issue was addressed with improved private dataredaction for log entries.CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)mDNSResponderAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to cause a denial-of-serviceDescription: A logic error was addressed with improved error handling.CVE-2024-44183: Olivier LevonSafari Private BrowsingAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: Private Browsing tabs may be accessed without authenticationDescription: This issue was addressed through improved state management.CVE-2024-44127: Anamika AdhikariShortcutsAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: A shortcut may output sensitive user data without consentDescription: This issue was addressed with improved redaction ofsensitive information.CVE-2024-44158: Kirin (@Pwnrin)ShortcutsAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to observe data displayed to the user byShortcutsDescription: A privacy issue was addressed with improved handling oftemporary files.CVE-2024-40844: Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSeaSync ServicesAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to bypass Privacy preferencesDescription: This issue was addressed with improved checks.CVE-2024-44164: Mickey Jin (@patch1t)TransparencyAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An app may be able to access user-sensitive dataDescription: A permissions issue was addressed with additionalrestrictions.CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)UIKitAvailable for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1stgeneration and later, iPad Air 3rd generation and later, iPad 6thgeneration and later, and iPad mini 5th generation and laterImpact: An attacker may be able to cause unexpected app terminationDescription: The issue was addressed with improved bounds checks.CVE-2024-27879: Justin CohenThis update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/iTunes and Software Update on the device will automatically checkApple's update server on its weekly schedule. When an update isdetected, it is downloaded and the option to be installed ispresented to the user when the iOS device is docked. We recommendapplying the update immediately if possible. SelectingDon't Install will present the option the next time you connectyour iOS device.The automatic update process may take up to a week depending onthe day that iTunes or the device checks for updates. You maymanually obtain the update via the Check for Updates buttonwithin iTunes, or the Software Update on your device.To check that the iPhone, iPod touch, or iPad has been updated:* Navigate to Settings* Select General* Select About. The version after applying this update will be"iOS 17.7 and iPadOS 17.7".All information is also posted on the Apple Security Releasesweb site: https://support.apple.com/100100.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmbo1AEACgkQX+5d1TXaIvr0LBAAn28J4FgN4GG7wRGwiXT2GIy0vuGDc8bbNiezEqpkSL1XtjFl0e4ChhtB7VWnEhCd2yq/6iy7yak3EiKuYngQZ79O3dBERviNFgM5pK8hxX46WR3K/M69U9iOszkmaOOE81mTiAKCjy4MP8qMsvHY79ZA0r9Bl2aJCQJMAscs4mQ+Gfy2OAWDHKrGd1iapLxp2jQRVDlguKL8slJDIql3LD2anZ/4qob9cnE9b2z0g0r8Iv/vjlZXdOseGx7TqQ/kWlg6rBHf9KhSjr+ipFfvFYJ9O+QCAcwgtilPkRmD4q3MiCZqG234qhmB4ZVrW3NrJQVR4ACF8e+tnB79pcXeVMvhytpUdY+fAxffihkbLzIydI5EriuAvtpitmI3hwqLwJBwHOSDroCOs6kIkDL4RXVCSkIuwiRfa/hWxVJE9lYQxUCH7vR4KomrwnuB7hhN3oqeRgXqtB1HcJ8Elu3KnA8rebF1X1TcMqTc5LbqZwCPDOAU07HfTVBaxWlLh0NfmXq2JIE+yozNTOySEvggfYiXL5JopRXocF0YWne63OoA0vhvljQhEClQRQifB4daPnmyxxJOWFhqY8dMcnrfb0xXB5OyxZFG1AiGLjg5qaSQYMAZoJvImuTVwFSKuKBHs7ahXn7EVojoe7m9WEiRqCXiORHmT6BF3vmWidni5Xs==J1rf-----END PGP SIGNATURE-----

Apple Security Advisory 09-16-2024-8

Apple Security Advisory 09-16-2024-7 - Xcode 16 addresses unauthorized access issues.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-09-16-2024-7 Xcode 16

Xcode 16 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/121239.

Apple maintains a Security Releases page at  
https://support.apple.com/100100 which lists recent  
software updates with security advisories.

IDE Documentation  
Available for: macOS Sonoma 14.5 and later  
Impact: A malicious application may gain access to a user's Keychain  
items  
Description: This issue was addressed by enabling hardened runtime.  
CVE-2024-44162: Mickey Jin (@patch1t)

IDE Tools  
Available for: macOS Sonoma 14.5 and later  
Impact: An attacker may be able to determine the Apple ID of the owner  
of the computer  
Description: A privacy issue was addressed by removing sensitive data.  
CVE-2024-40862: Guilherme Rambo of Best Buddy Apps (rambo.codes)

Kernel  
Available for: macOS Sonoma 14.5 and later  
Impact: An app may gain unauthorized access to Bluetooth  
Description: This issue was addressed through improved state management.  
CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven  
(@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef

Additional recognition

Reality Composer Pro  
We would like to acknowledge Ron Masas of BreakPoint.sh for their  
assistance.

Swift  
We would like to acknowledge Banavath Aravind for their assistance.

Xcode 16 may be obtained from:  
https://developer.apple.com/xcode/downloads/  To check that the Xcode  
has been updated:  * Select Xcode in the menu bar * Select About  
Xcode * The version after applying this update will be "Xcode 16".

All information is also posted on the Apple Security Releases  
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmboyXkACgkQX+5d1TXa  
IvqCRxAAg1rkAKtcgeWhSMqBPcPT8p3dpGm0gm6f5bIIJHefxwmHcNjS6GJh7Doi  
g3Dv+MJiGLOa/B0fqdDlAuimxAyW5KrMKl4oXHmo0Hl0D8SHi2f+NL3JI91SmZts  
rs1L4VpbR9uUJTCoXeZOXVH+LnXDN6jfUpD5+23kFJtuRBGw8a7BHRD1H0sl7yi9  
sS8n6zvYujiQyS8zP1NWkpxVMaLwTqFuE4gLR7Whjod70cPkQOzUpa2pmvA/xSXQ  
hpT8jhV1EVXVCGySkOmks3sdOxMg2PTTJ0l1r/hsLZSOhvbG6XyLPp1Y79uGLsnn  
aZIIHdHg9DWyoy8KNbgMsyjQC5/ZMkcEQloIgdx/vH3L0WDEa+/sZObrkERAKhZi  
qJneaBWmasy/I6QuoBihyo1EJhXRcDgw/7wjJaTPxJVJEAEVXMnwhz4UokvAE6CU  
Jo4qH1Yi6LLbCFuSUKUzJTq6OC0kssVp6Se2WAaqIm+5+374BgW/x2diaS1eLgYo  
e6db73koL1apAgP4vMvg3GUTA0/e4siZ9rAKYnRTghPWaKMX93Yeab9xHh5tNKb7  
INav09fDLuGBs97oe9pBfDFajYACaGdmYDA/mtoKchMt5gkgcovysjfV51KXdz8L  
dMGDYdOAtf0Lg0YkyuKEPzfYIoeTBKhWq1hZYS+ZQVULd5gkysM=  
=o+oG  
-----END PGP SIGNATURE-----

Apple Security Advisory 09-16-2024-7

Apple Security Advisory 09-16-2024-6 - Safari 18 addresses cross site scripting and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-09-16-2024-6 Safari 18

Safari 18 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/121241.

Apple maintains a Security Releases page at  
https://support.apple.com/100100 which lists recent  
software updates with security advisories.

WebKit  
Available for: macOS Ventura and macOS Sonoma  
Impact: Visiting a malicious website may lead to address bar spoofing  
Description: The issue was addressed with improved UI.  
WebKit Bugzilla: 279451  
CVE-2024-40866: Hafiizh and YoKo Kho (@yokoacc) of HakTrak

WebKit  
Available for: macOS Ventura and macOS Sonoma  
Impact: A malicious website may exfiltrate data cross-origin  
Description: A cross-origin issue existed with "iframe" elements. This  
was addressed with improved tracking of security origins.  
WebKit Bugzilla: 279452  
CVE-2024-44187: Narendra Bhati, Manager of Cyber Security at Suma Soft  
Pvt. Ltd, Pune (India)

WebKit  
Available for: macOS Ventura and macOS Sonoma  
Impact: Processing maliciously crafted web content may lead to universal  
cross site scripting  
Description: This issue was addressed through improved state management.  
WebKit Bugzilla: 268724  
CVE-2024-40857: Ron Masas

Additional recognition

Safari  
We would like to acknowledge Hafiizh and YoKo Kho (@yokoacc) of HakTrak  
for their assistance.

Safari 18 may be obtained from the Mac App Store.

All information is also posted on the Apple Security Releases  
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmboyScACgkQX+5d1TXa  
Ivr5URAAqi3Km6vP17ccXkXlrcDJXrYE+HSdkDkqlpT0hNsfLCcpfbZME8R02efV  
lzb8JZ7DdtWI4U0WKjvJvmIhm0Ik2S1stYCNaxAtEBJ6YUYIJE5lJS4J/D3J1QTd  
5ygCi+zEzPnRjQx2BZ1Ju3VQdpDen50vTBY/cdqrujtbZ5s4wY2K2qV5SaPv7/zY  
6KChB6ivmuEN/iEN5e/ppTr3lAC1Hw1GFsD6xqnxK+USyydYGryQHvCzoidYjoaB  
7MkfwASZ/+RmdeCK+6pcN4NP8MRszViGas0GtZe+y7O/Pu6gc6PRrpD2s2LJKUta  
id0ofA1EtL+IRav/wXvJbvTBQc2vWhOrFWL4rP/9znCW2wtO8neayKewWYal1ClZ  
Jn75AOig5pfk6/aTtFFVXn/869PlolaVWe/jQuTVHvXX+N1nuDCriTRpVsz/XMdb  
3kWqsgMMxKjJnFQoprKpJcAA+vc28L5WLBxhXgGkcb8DML70YNg96CsH3w+qUrJL  
w9+AiGrgBECU3MhQOENtE8AmTmYMDCxjnEI8pYcsu5mKmLHkBnjRhYArLP+Se+3d  
PLHvbAaZf/cmO7Vm4A2uu1bhqf+E3UJLIlkIGMcwp+vQBiSAT70hri8J6fcaCvLq  
Hw7rhBt/najjjENdErB9REmqAjkJY3vP2K4pjE/1PNXmHd5tQu4=  
=q+/h  
-----END PGP SIGNATURE-----

Apple Security Advisory 09-16-2024-6

Apple has released iOS 18. We discuss the new privacy and security related features like the very handy Passwords app.

On September 16, 2024, Apple released iOS 18. Besides a lot of exciting new features, iOS 18 comes with some privacy and security enhancements.

One of the most promising new features is the new Passwords app. Built on the foundation of Apple’s password management system Keychain, Passwords makes it easier for users to access stored passwords and get an overview of their credentials.

Passwords App

One thing we often hear when we recommend the use of a password manager is that it’s too complicated. And, admittedly, many of them come with a learning curve. But Apple has made some steps in the right direction here.

Apple will also warn users if their credentials have been caught up in a data breach, so users can change their compromised password. In addition, users who have a weak password, or one that’s been used before, will be warned to pick a better one. Current users of the AutoFill function should notice how their passwords have automatically been added to the Passwords app.

iOS 18 also provides users with new tools to manage who can see their apps, how their contacts are shared, and how their iPhone connects to accessories. One of those tools allows users to adjust settings so that app notifications and content can’t inadvertently be seen by others. Another new feature is the ability to hide an app, which basically moves it to a locked, hidden apps folder that only the main user has access to. The basic functional apps can’t be hidden, but generally speaking if it’s on the App Store it can be hidden.

Hidden apps can be locked and unlocked with Face ID, Touch ID, or the device passcode, although there are a few exceptions. Account holders under age 13 can’t lock or hide an app so they can’t use it to dodge a parent’s watchful eye. Users between the ages of 13 and 18 can use these functions, but parents can still see what apps were downloaded and how much they are used.

Contact sharing is a lot more configurable, which makes life easier for those of us who use their device for work and private matters. Say, for example, a person uses an app solely for work, he might decide to share only work-related contacts with that app. Access can be updated as desired. Apple users can now see at a glance how many apps have access to data like location services, tracking, calendars, files and folders, contacts, and health information. When they tap on a particular category, users see a list of which apps have what level of access, such as limited or full.

Location services access overview

iOS 18 also prepares your device for Apple Intelligence which is expected next month.  

> “Apple Intelligence, the personal intelligence system that combines the power of generative models with personal context to deliver intelligence that is incredibly useful and relevant while protecting users’ privacy and security.”

Apple Intelligence is an artificial intelligence (AI) platform developed by Apple. Its features include on-device processing so it’s aware of your personal data, but doesn’t require Apple to collect or store it, and a new complex system designed to draw on larger server-based models to handle more complex requests, while still protecting user privacy.

I realize this sounds a lot like Microsoft’s Recall feature which was delayed after privacy and security concerns. We haven’t seen any pushback of that magnitude for Apple Intelligence. The main difference here are the regular “screenshots” that Microsoft wanted to deploy to help users later.

The privacy protections Apple promises can be important to users who want to have access to AI but are concerned about having their private data used to train models, which is something even AI enthusiasts are worried about to some extent.

To take those worries away, Apple created Private Cloud Compute (PCC), a cloud intelligence system designed specifically for private AI processing, which Apple says extends the privacy and security of Apple devices into the cloud.

A handy change for some users might be the new guest access for the Home app, which makes it easier for other members of your household to use your device to control any accessories connected to the Home app.

One safety feature I’m not that thrilled about is the Activation Lock. The Activation Lock feature is intended to block unauthorized repairs with parts from other iPhones and deter the resale of stolen components. It will link key parts like batteries, cameras, and displays to the original owner’s Apple account, making it harder to use or sell stolen parts. I fear this will only make it harder for users to go outside the channels under Apple’s control to get their devices repaired.

More new features of iOS 18 are discussed at length in this Apple newsroom article.

To check if you’re using the latest software version, go to **Settings** > **General** > **Software Update**. You want to be on iOS 18.0 or iPadOS 18.0, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.

Available update

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 iOS 18 is out. Here are the new privacy and security features 

The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and distribution of a commercial spyware called Predator.
"The United States will not tolerate the reckless propagation of disruptive technologies that threatens our national security and undermines the privacy and

The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and distribution of a commercial spyware called Predator.

"The United States will not tolerate the reckless propagation of disruptive technologies that threatens our national security and undermines the privacy and civil liberties of our citizens," said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence, Bradley T. Smith.

"We will continue to hold accountable those that seek to enable the proliferation of exploitative technologies, while also encouraging the responsible development of technologies that align with international standards."

The sanctioned individuals and entities are listed below -

*   Felix Bitzios, the beneficial owner of an Intellexa Consortium company that's believed to have supplied Predator to a foreign government client and the manager of Intellexa S.A.

*   Andrea Nicola Constantino Hermes Gambazzi, the beneficial owner of Thalestris Limited and Intellexa Limited, which are both members of the Intellexa Consortium

*   Merom Harpaz, a top executive of the Intellexa Consortium and the manager of Intellexa S.A.

*   Panagiota Karaoli, director of multiple Intellexa Consortium entities that are controlled by or are a subsidiary of Thalestris Limited

*   Artemis Artemiou, an employee of Intellexa S.A., as well as the general manager and member of the board of Cytrox Holdings, another member of the Intellexa Consortium

*   Aliada GroupInc., a British Virgin Islands-based company and member of the Intellexa Consortium has facilitated tens of millions of dollars of transactions

Thalestris Limited has been involved in processing transactions on behalf of other entities within the Intellexa Consortium, the Treasury said, adding that Aliada Group is directed by Tal Jonathan Dilian, the founder of the Intellexa Consortium.

The department described the consortium as a "complex international web of decentralized companies that built and commercialized a comprehensive suite of highly invasive spyware products."

The development comes a little over six months after the Treasury sanctioned Dilian, Sara Aleksandra Fayssal Hamou, and five other entities, including Intellexa S.A., on similar grounds.

It also follows a resurgence of Predator spyware activity after a period of relative silence by likely customers in Angola, the Democratic Republic of the Congo (DRC), and Saudi Arabia using new infrastructure that's designed to evade detection.

"The latest evolution of Predator infrastructure includes an additional tier in its delivery infrastructure to improve customer anonymization and enhanced operational security in its server configurations and associated domains," Recorded Future said.

"Although Predator spyware operators have changed significant aspects of their infrastructure setup, including changes that make country-specific attribution more challenging, they have largely retained their mode of operation."

It also follows Apple's decision to file a motion to dismiss its lawsuit against NSO Group for reasons that court disclosures could endanger its efforts to combat spyware, that there are steps being taken to avoid sharing information related to the Pegasus spyware, and that the impact could be diluted as a result of an expanding spyware market with new emerging players.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#apple