Apple plugs these security gaps in iOS 18, macOS 15 and Co.
Apple has presented a long list of bug fixes for its new operating systems. However, it is unfortunately less detailed than usual.
Apple logo with open lock: Important security updates ahead.
(Image: Alberto Garcia Guillen/Shutterstock.com)
Apple has published details of the security fixes contained in iOS 18, macOS 15 Sequoia, tvOS 18, watchOS 11 and visionOS 2. As usual, the updates fix a whole host of vulnerabilities. There do not appear to be any exploits for the gaps that already exist "in the wild", at least the company is not providing any information on this.
Over 90 CVE IDs for macOS 15
iOS 18 and iPadOS 18 contain over 30 fixes specified by Apple as well as a full 20 bugs, for which no details but credits of the discoverers are given so far. Numerous areas are affected, from accessibility, Mail, Notes, Siri and UIKit to the kernel, the Siri voice assistant and the WebKit browser engine. According to Apple, denial-of-service attacks could be caused, private data could be tapped and VPN and network information could be leaked. Unwanted access to Bluetooth is also possible. Apple's way of describing the bugs is unfortunately quite indirect. For example, it talks about "unauthorized access" or writing "arbitrary files", but does not describe the execution of code (possibly with kernel rights) or remote attacks.
Videos by heise
A total of over 70 (!) fixed security vulnerabilities are listed for macOS 15 –, divided into more than 90 CVE IDs. In addition, there are over 30 bugs for which only the respective areas and credits exist, but no further details. As is usual with Apple, only the completely new operating system contains all the fixes. The updates for the old systems only contain the most important bug fixes (at Apple's discretion). Overall, it is very difficult to classify the dangers posed by the bugs this time.
watchOS, tvOS and visionOS
According to Apple, watchOS 11 contains eleven fixes, plus a handful of unspecified problems. For tvOS 18, there are also eleven – plus three unspecified issues for which there are only credits.
The first major update for the Vision Pro is visionOS 2. It fixes at least 15 security-related bugs. These include APFS, Game Center, ImageIO and the kernel. A bug in Presence made it possible to read sensitive GPU memory areas. Notes could be used to overwrite any files.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(bsc)
