About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.
macOS Sierra 10.12.1, Security Update 2016-002 El Capitan, and Security Update 2016-006 Yosemite
Released October 24, 2016
AppleGraphicsControl
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved lock state checking.
CVE-2016-4662: Apple
AppleMobileFileIntegrity
Available for: macOS Sierra 10.12
Impact: A signed executable may substitute code with the same team ID
Description: A validation issue existed in the handling of code signatures. This issue was addressed through additional validation.
CVE-2016-7584: Mark Mentovai and Boris Vidolov of Google Inc.
Entry added November 27, 2016
AppleSMC
Available for: macOS Sierra 10.12
Impact: A local user may be able to elevate privileges
Description: A null pointer dereference was addressed through improved locking.
CVE-2016-4678: daybreaker@Minionz working with Trend Micro's Zero Day Initiative
ATS
Available for: macOS Sierra 10.12
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4667: Simon Huang of alipay, [email protected], Moony Li of TrendMicro, @Flyic
Entry updated October 27, 2016
ATS
Available for: macOS Sierra 10.12
Impact: A local user may be able to execute arbitrary code with additional privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4674: Shrek_wzw of Qihoo 360 Nirvan Team
CFNetwork Proxies
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to leak sensitive user information
Description: A phishing issue existed in the handling of proxy credentials. This issue was addressed by removing unsolicited proxy password authentication prompts.
CVE-2016-7579: Jerry Decime
Core Image
Available for: OS X El Capitan v10.11.6
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved input validation.
CVE-2016-4681: Ke Liu of Tencent's Xuanwu Lab
Entry added October 25, 2016
CoreGraphics
Available for: macOS Sierra 10.12
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
FaceTime
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to cause a relayed call to continue transmitting audio while appearing as if the call terminated
Description: User interface inconsistencies existed in the handling of relayed calls. These issues were addressed through improved protocol logic.
CVE-2016-7577: Martin Vigo (@martin_vigo) of salesforce.com
Entry added October 27, 2016
FontParser
Available for: macOS Sierra 10.12
Impact: Parsing a maliciously crafted font may disclose sensitive user information
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2016-4660: Ke Liu of Tencent's Xuanwu Lab
FontParser
Available for: macOS Sierra 10.12
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.
CVE-2016-4688: Simon Huang of Alipay company, [email protected]
Entry added November 27, 2016
IDS - Connectivity
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to trick a user on a multi-party call into believing they are talking to the other party
Description: An impersonation issue existed in the handling of call switching. This issue was addressed through improved handling of 'switch caller' notifications.
CVE-2016-4721: Martin Vigo (@martin_vigo) of salesforce.com
Entry added October 27, 2016
ImageIO
Available for: OS X El Capitan v10.11.6
Impact: Parsing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed through improved bounds checking.
CVE-2016-4671: Ke Liu of Tencent's Xuanwu Lab, Juwei Lin (@fuzzerDOTcn)
ImageIO
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: Processing a maliciously crafted image may result in the disclosure of process memory
Description: An out-of-bounds read issue existed in the SGI image parsing. This issue was addressed through improved bounds checking.
CVE-2016-4682: Ke Liu of Tencent's Xuanwu Lab
ImageIO
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may be able to execute arbitrary code
Description: Multiple out-of-bounds read and write issues existed in SGI parsing. These issues were addressed through improved input validation.
CVE-2016-4683: Ke Liu of Tencent’s Xuanwu Lab
Entry added October 25, 2016
Kernel
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6, and macOS Sierra 10.12
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation.
CVE-2016-4669: Ian Beer of Google Project Zero
Entry updated November 2, 2016
Kernel
Available for: macOS Sierra 10.12
Impact: A local application may be able to execute arbitrary code with root privileges
Description: Multiple object lifetime issues existed when spawning new processes. These were addressed through improved validation.
CVE-2016-7613: Ian Beer of Google Project Zero
Entry added November 1, 2016
libarchive
Available for: macOS Sierra 10.12
Impact: A malicious archive may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.
CVE-2016-4679: Omer Medan of enSilo Ltd
libxpc
Available for: macOS Sierra 10.12
Impact: An application may be able to execute arbitrary code with root privileges
Description: A logic issue was addressed through additional restrictions.
CVE-2016-4675: Ian Beer of Google Project Zero
Entry updated March 30, 2017
ntfs
Available for: macOS Sierra 10.12
Impact: An application may be able to cause a denial of service
Description: An issue existed in the parsing of disk images. This issue was addressed through improved validation.
CVE-2016-4661: Recurity Labs on behalf of BSI (German Federal Office for Information Security)
NVIDIA Graphics Drivers
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to cause a denial of service
Description: A memory corruption issue was addressed through improved input validation.
CVE-2016-4663: Apple
Security
Available for: macOS Sierra 10.12
Impact: A local attacker can observe the length of a login password when a user logs in
Description: A logging issue existed in the handling of passwords. This issue was addressed by removing password length logging.
CVE-2016-4670: Daniel Jalkut of Red Sweater Software
Entry updated October 25, 2016
Thunderbolt
Available for: macOS Sierra 10.12
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A null pointer dereference was addressed through improved input validation.
CVE-2016-4780: sweetchip of Grayhash
Entry added November 29, 2016
macOS Sierra 10.12.1 includes the security content of Safari 10.0.1.
We design Mac hardware and software with advanced technologies that work together to run apps more securely, protect your data, and help keep you safe on the web. And with macOS Catalina available as a free upgrade, it’s easy to get the most secure version of macOS for your Mac.
Apple T2 chip.
The next generation of security.
The Apple T2 Security Chip — included with many newer Mac models — keeps your Mac safer than ever. The Secure Enclave coprocessor in the Apple T2 chip provides the foundation for Touch ID, secure boot, and encrypted storage capabilities. Touch ID gives you a seamless way to use your fingerprint to unlock your Mac, fill passwords in Safari, and make purchases with Apple Pay. Secure boot helps ensure that you are running trusted operating system software from Apple, while the Apple T2 chip automatically encrypts the data on your Mac. So you can be confident knowing that security has been designed right into the architecture of your Mac, from the ground up.
Apple helps you keep your Mac secure with software updates.
The best way to keep your Mac secure is to run the latest software. When new updates are available, macOS sends you a notification — or you can opt in to have updates installed automatically when your Mac is not in use. macOS checks for new updates every day, so it’s easy to always have the latest and safest version.
Protection starts at the core.
The technically sophisticated runtime protections in macOS work at the very core of your Mac to keep your system safe from malware. This starts with state-of-the-art antivirus software built in to block and remove malware. Technologies like XD (execute disable), ASLR (address space layout randomization), and SIP (system integrity protection) make it difficult for malware to do harm, and they ensure that processes with root permission cannot change critical system files.
Download apps safely from the Mac App Store. And the internet.
Now apps from both the App Store and the internet can be installed worry-free. App Review makes sure each app in the App Store is reviewed before it’s accepted. Gatekeeper on your Mac ensures that all apps from the internet have already been checked by Apple for known malicious code — before you run them the first time. If there’s ever a problem with an app, Apple can quickly stop new installations and even block the app from launching again.
Stay in control of what data apps can access.
Apps need your permission to access files in your Documents, Downloads, and Desktop folders as well as in iCloud Drive and external volumes. And you’ll be prompted before any app can access the camera or mic, capture keyboard activity, or take a photo or video of your screen.
FileVault 2 encrypts your data.
With FileVault 2, your data is safe and secure — even if your Mac falls into the wrong hands. FileVault 2 encrypts the entire drive on your Mac, protecting your data with XTS-AES 128 encryption. And on Mac systems with an Apple T2 Security Chip, FileVault 2 keys are created and protected by the Secure Enclave for even more security.
Designed to protect your privacy.
The most secure browser for your Mac is the one that comes with your Mac. Built-in privacy features in Safari, like Intelligent Tracking Prevention, help keep your browsing your business. Automatic strong passwords make it easy to create and use unique passwords for all the sites you visit. And iCloud Keychain syncs those passwords securely across all your devices, so you don’t have to remember them. You can also easily find and upgrade any weak passwords you’ve previously used (and reused and reused and reused).
Automatic protections from harmful sites.
Safari also helps safeguard you against fraudulent websites and those that harbor malware — before you visit them. If a website seems suspicious, Safari prevents it from loading and notifies you. And when connecting to unencrypted sites, Safari will warn you. So everything you need to browse without worry is right at your fingertips.
Find your missing Mac with Find My.
The Find My app combines Find My iPhone and Find My Friends into a single, easy-to-use app on Mac, iPad, and iPhone. Find My can help you locate a missing Mac — even if it’s offline or sleeping — by sending out Bluetooth signals that can be detected by nearby Apple devices. These devices then relay the detected location of your Mac to iCloud so you can locate it in the Find My app. It’s all anonymous and encrypted end-to-end so no one — including Apple — knows the identity of any reporting device or the location of your Mac. And it all happens silently using tiny bits of data that piggyback on existing network traffic. So there’s no need to worry about your battery life, your data usage, or your privacy being compromised.
Keep your Mac safe.
Even if it’s in the wrong hands.
All Mac models with the Apple T2 Security Chip support Activation Lock — just like your iPhone or iPad. So if your Mac is ever misplaced or lost, the only person who can erase and reactivate it is you.