MOBILE Archives

August 2016

MOBILE@LIST.UVM.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Sam Hooker <[log in to unmask]>
Reply To:
Discussions about Mobile Devices <[log in to unmask]>
Date:
Thu, 25 Aug 2016 20:26:47 +0000
Content-Type:
multipart/signed
Parts/Attachments:
text/plain (4 kB) , smime.p7s (4 kB)
An important update iOS update is available; patch as soon as you can.

A summary of the risk addressed in the updated software is available at WSJ: http://www.wsj.com/articles/firm-manipulated-iphone-software-to-allow-spying-report-says-1472149087?mod=e2tw


Cheers,

-sth

--
Sam Hooker | [log in to unmask]
Information Security Engineer
Enterprise Technology Services
The University of Vermont

At 20160825, 1439h, "[log in to unmask] on behalf of Apple Product Security" <[log in to unmask] on behalf of [log in to unmask]> wrote:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512
    
    APPLE-SA-2016-08-25-1 iOS 9.3.5
    
    iOS 9.3.5 is now available and addresses the following:
    
    Kernel
    Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
    Impact: An application may be able to disclose kernel memory
    Description: A validation issue was addressed through improved input sanitization.
    CVE-2016-4655: Citizen Lab and Lookout 
    
    Kernel
    Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
    Impact: An application may be able to execute arbitrary code with kernel privileges
    Description: A memory corruption issue was addressed through improved memory handling.
    CVE-2016-4656: Citizen Lab and Lookout
    
    WebKit
    Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later
    Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
    Description: A memory corruption issue was addressed through improved memory handling.
    CVE-2016-4657: Citizen Lab and Lookout
    
    Installation note:
    
    This update is available through iTunes and Software Update on your
    iOS device, and will not appear in your computer's Software Update
    application, or in the Apple Downloads site. Make sure you have an
    Internet connection and have installed the latest version of iTunes
    from www.apple.com/itunes/
    
    iTunes and Software Update on the device will automatically check
    Apple's update server on its weekly schedule. When an update is
    detected, it is downloaded and the option to be installed is
    presented to the user when the iOS device is docked. We recommend
    applying the update immediately if possible. Selecting Don't Install
    will present the option the next time you connect your iOS device.
    
    The automatic update process may take up to a week depending on the
    day that iTunes or the device checks for updates. You may manually
    obtain the update via the Check for Updates button within iTunes, or
    the Software Update on your device.
    
    To check that the iPhone, iPod touch, or iPad has been updated:
    
    * Navigate to Settings
    * Select General
    * Select About. The version after applying this update
    will be "9.3.5".
    
    Information will also be posted to the Apple Security Updates
    web site: https://support.apple.com/kb/HT201222
    
    This message is signed with Apple's Product Security PGP key,
    and details are available at:
    https://www.apple.com/support/security/pgp/
    -----BEGIN PGP SIGNATURE-----
    Comment: GPGTools - https://gpgtools.org
    
    iQIcBAEBCgAGBQJXvzhMAAoJEIOj74w0bLRGBAMP/RvcCKskvhLhBTixjPNBWWqE
    VFuQCMGif3Q9/2vLv9tQxeesXdG30Rn7LkCSStR0ZhSPrNFlSDlhHj/KOLFd5en+
    lgctmToXnLQl+FzTnN0Tn872R3VENBl78OiP6K1urDJHMs1OwGgORyyKQgcaGcDZ
    GCBK7PUaK/yKVXfm1SJsMcyNL3lRGd05OnCPaXJruMZlbTWidK7R649oodPIIX+H
    cokqXBjM94M/Y6BUbPAeEh4lSk6ukygYHeb+JuTTj0AQ+82qIkWctkZLIVHZDLak
    aaTxLFpH9T9BAOTKSnpwFZa0Nj912OSkFbIbCMNyCcX/l7z2Pd+EVg/7rEEZBW+I
    yyo67JsXWQtCP9/P5El3V1lepNfuGOpRM5S+B/X2X+774QV/Xx8blVXTeDdDAk++
    bHblfQKx2Xlkrznl+SFLnDfY5d8TlRmLEcQu1N7DiN22I1Qi9eXdzicBrCHyY3s0
    sFTj577aBQ2gyH6EWTg4VfZHKKXtzPTNuSpAwobK8HKacezUhCXQ0BScmS47UMHu
    uk/sdirJX1GAfD0P7bcOsnTdMHG+vkXIFTuV+JsGcpg136kdg7rejVIsj/AKRChz
    f+e/7YsJIpMQriDr4w07huosClXKqSw64ygPyP0KYHTjO1picPocw1SF7eqyeng0
    C6oESP46AbWYUbdihpm7
    =PDst
    -----END PGP SIGNATURE-----
    
    
     _______________________________________________
    Do not post admin requests to the list. They will be ignored.
    Security-announce mailing list      ([log in to unmask])
    Help/Unsubscribe/Update your Subscription:
    https://lists.apple.com/mailman/options/security-announce/samuel.hooker%40uvm.edu
    
    This email sent to [log in to unmask]


ATOM RSS1 RSS2