Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.0196
macOS 10.12.3
24 January 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: macOS
Publisher: Apple
Operating System: OS X
Impact/Access: Root Compromise -- Remote with User Interaction
Execute Arbitrary Code/Commands -- Remote with User Interaction
Cross-site Scripting -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2017-2371 CVE-2017-2370 CVE-2017-2361
CVE-2017-2360 CVE-2017-2358 CVE-2017-2357
CVE-2017-2353 CVE-2016-9934 CVE-2016-9933
CVE-2016-8687 CVE-2016-8670 CVE-2016-1248
Reference: ESB-2017.0011
ESB-2016.2944.2
ESB-2016.2789
ESB-2016.2542
Original Bulletin:
https://support.apple.com/kb/HT201222
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-01-23-2 macOS 10.12.3
macOS 10.12.3 is now available and addresses the following:
apache_mod_php
Available for: macOS Sierra 10.12.2
Impact: Multiple issues in PHP
Description: Multiple issues were addressed by updating to PHP
version 5.6.28.
CVE-2016-8670
CVE-2016-9933
CVE-2016-9934
Bluetooth
Available for: macOS Sierra 10.12.2
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2353: Ian Beer of Google Project Zero
Graphics Drivers
Available for: macOS Sierra 10.12.2
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2358: Team Pangu and lokihardt at PwnFest 2016
Help Viewer
Available for: macOS Sierra 10.12.2
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A cross-site scripting issue was addressed through
improved URL validation.
CVE-2017-2361: lokihardt of Google Project Zero
IOAudioFamily
Available for: macOS Sierra 10.12.2
Impact: An application may be able to determine kernel memory layout
Description: An uninitialized memory issue was addressed through
improved memory management.
CVE-2017-2357: Team Pangu and lokihardt at PwnFest 2016
Kernel
Available for: macOS Sierra 10.12.2
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2370: Ian Beer of Google Project Zero
Kernel
Available for: macOS Sierra 10.12.2
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2360: Ian Beer of Google Project Zero
libarchive
Available for: macOS Sierra 10.12.2
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2016-8687: Agostino Sarubbo of Gentoo
Vim
Available for: macOS Sierra 10.12.2
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: An input validation issue existed in modelines. This was
addressed through improved input validation.
CVE-2016-1248: Florian Larysch
WebKit
Available for: macOS Sierra 10.12.2
Impact: A malicious website can open popups
Description: An issue existed in the handling of blocking popups.
This was addressed through improved input validation.
CVE-2017-2371: lokihardt of Google Project Zero
macOS 10.12.3 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJYgqLhAAoJEIOj74w0bLRGymIQAMx3h6pTb1SLTCY4H4hUwQf2
tBd4osjrM7eX9kDBJXw9U3S5STs7Qyaiqjc+E3XvGXaeYQhZHurNEy+4HEaS2ctQ
toj0S/meE1bhJ79SKnRuEso0dG2coYAMY4CMWZpF5haEPISunMDrmitIDX6BU8ds
LhIvflT044wXzFsPbUfIMqG1a+1SHGoM3K0J61U6NU7dCSwyYmSGKH/0CTLuezy9
HOiPQJxvWVmfKVBZsYcaBp67AI5948LHdvat3gRq9WpgWpjUFjW/tLSbvZObaIjn
+I3JkVZ9ETuXa+ig42h+CJTz/CozqlC1OpX1YLJLMh4h5+kY9PNwh1kcsv+8jKxo
cbPNatn2uzoigRTWuhCe4Tic6kgri+3c8qR+ZPspNpUyLmentjpbygrkOKVLlNnG
HmV0YIWA+zp4TVgeMnqoEPTHF9kxxhBSPOjgyL2oYwpMHyXb2gmho7Xl9gQirw5T
Nyaoup4A7eT9jR5FBcAvhPPm5I+J44qEKB/D9hvWcQLGf1PR9/zxVd5QxlJZgm9u
loqWBNhPAqD36SPIOsIbkcjAaBKsrEAV01AizkMrhrN1KySscXeZeZ84p4nJusdD
M7bFysYMv7fvNe65V4I2Tc2iujqiPHsXdLRioAWSk7giNRggQtaM8s/C0KYtrJdK
ykSG8JpyNuTNAl1HJtv6
=pBIh
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWIadPIx+lLeg9Ub1AQjMFw/+PjxiB0Qni58/omAue6IeJlavmsQOE4vs
yNOq7ek7bzW1fGvu8rnpoFsP9/hnFIcmZ46xEfyffuDlt60lAK0O0z5J36DuiW+F
7truyFsZ/0L8TpBBKUkB2/Zw77NvvTfEyzAYJUAakvYufpU8libjLphhTyTUyGuD
VSDK/eIJt0/bnHz527VnQ38JxmFyzydb1+tGJI2kSG88pqRGI5bf6DjLmgmozqc/
/jAxpASdDUsLz1c9/2sytVIM+Vf3bCLDejtLDRVzwEihbWyIwiUWllazyB/MPVO9
LnYPyVk3SZEMovEDhwjFj0DW61sP0agttllGHaGt2qMbj6EzMaGjsHuooTbS5Tli
+Wqk4c0lIpA9mO8ik+NHT/dnqtKOU5EBIs0hFq2H691sIDApO3IesNmShpbpwZzc
4P/6EWlsZzd32ZAdTeabxGsBPDZQzCoaYsgiF77vbrNotfKTzfCAvduT6x14pF3o
SCIP5LAKlo6WunHoevaLpcwfEqPowj9baZ405UqUVogBqVMtYkllN39AgZxyLpT+
x7XNybteYisv2e2v6U7c8JesGXF+4oGM3/PPv80SHlROaJCbO/T1t0rxFrFj6H2D
EpMXSF56UZlEs4emA/U4GHCG0gpBlTGBTMMGoJ6jyynOxftpaxzpRyWoBxmXvXMy
QITZGeYDf68=
=Axry
-----END PGP SIGNATURE-----