Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.2510 iCloud for Windows v6.0.1 28 October 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apple iCloud Publisher: Apple Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2016-7578 CVE-2016-4613 Original Bulletin: https://support.apple.com/en-au/HT207273 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-10-27-2 iCloud for Windows v6.0.1 iCloud for Windows v6.0.1 is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may result in the disclosure of user information Description: An input validation issue was addressed through improved state management. CVE-2016-4613: Chris Palmer WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2016-7578: Apple Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYElaQAAoJEIOj74w0bLRGydAP/A7CkkToap07bACp6iVYcQwO LRcILJJzCgQpXU4w95HA4w5iSlV08/PhFsIHb+nrQ4QM9TgUCPx7tlVTw+FUOCUy 1MyYNZCZs66B5w0lZla7unN76SPpt4m2fpz7b6SyTbpkrNuIvb/JC1AQoZOWz1za WBpS9argB+Nhk3HoG/PCGIQT2+iMicKLkK5ltbTGx0OK/hyRd8OM1qtU+z1OijV2 HRZek6yCR5h/4VJroBoyK3KqAashiEjGG7En9CHu3x2WLH9au62TVo74ugssfo3f gKuyBn8RZg8uFEo/iuBTNuU6rnoGQlY1YwNbyyAWlLuY2D0zgI3K9eREi6/T8LaO RJ6vz79hJHqfJIvMGGPZB9k4fWkBZemqhqfgW7RMBD7iBSYmoCIAbh679c12aik4 EF3rGTww+/3vdH3/Tb6w+5LTjIWjaYK05FInfzH2wY5sXT470VL946X6ueQysXOW kZ//jXIG52zS4pITnR+TPS5Ed9Xrwl6QhMtnSlPOmaUiuZyfmf6hxNmc9jkO9qs8 wIUeDOk83pVfOkrdEG1YUaHM35ntKEpqUFAtcgai0Z9DGtXMKiqikMLJMD8fdJ3g VPUWeZWA28cWZkv9RCNtVm/LZ0orVczUQZIdsThbfb5Kgi1YcG+BdT1+jfJvuiFt cmmT4qoVmcLgqmd0UR8Z =qqLM - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWBKdeIx+lLeg9Ub1AQgSWg/9G882KKTlUSV0JG7+wLOwwUF7oYQx+AiC 7OKVyUD612D7dU/uBvksVuYexCZecz9FYVfOKJGwMMjz+gVLx6tp009rQFPI8+9f qqElIYdZI8q3T+J2i15la6rUnhgje3OAFwBX37bFiG/kZocADwdPMpVadR6aewqD nv1W2+YWUPoQxmydBXbzb3T31tHHyNWmTgTwC2MiwixMp6BiZuTgHU8oEzS6K0lX /LRaEHIPdu68JqiA231imC/2RxF9vlJ6+uHvjNApJfTM0jY2yTZMTkDEhrAOrbdl rvck/bM9psEMqyIoy+HtPXnIwZMzCQQHAHYfb/1jc60g9xQhbrc6/4i+wGSYjFEs TPTq9mPHvA85CEpc4t/5dJrZYe+EcY9IvxUttJDH7GEmjx5Y0R7oQUmpC1b4iCdw 7eU2Ote11fkZZObZd1TR65LQMLasSuFTvrwBzh98uCYEDB9IFE96cNuJ8o//TIe6 qvqWzvWAjUB1gGdxhMZviZr/U95iaT3KZr5c6QvC0017G7U9bDapEDFU7MX7wTqe p1uVHnZxq4TETJTD8K4awoO4yGElkgpoNaVi7dGFIpd7xMSJPtdNnI+rTQ2f18u4 HY3z8tWy5I8nNCjexrG5bloHyf+9wqcsORyiQa0AyTIDG1kWkf609jFnyHp2iVJZ JXstw/vXNaY= =y3+Q -----END PGP SIGNATURE-----