Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3353.2 APPLE-SA-2018-10-30-7 iCloud for Windows 7.8 1 November 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apple iCloud Publisher: Apple Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Cross-site Scripting -- Remote with User Interaction Denial of Service -- Remote with User Interaction Reduced Security -- Remote/Unauthenticated Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-4416 CVE-2018-4414 CVE-2018-4412 CVE-2018-4409 CVE-2018-4398 CVE-2018-4392 CVE-2018-4386 CVE-2018-4382 CVE-2018-4378 CVE-2018-4377 CVE-2018-4376 CVE-2018-4375 CVE-2018-4374 CVE-2018-4373 CVE-2018-4372 CVE-2018-4361 CVE-2018-4360 CVE-2018-4359 CVE-2018-4358 CVE-2018-4347 CVE-2018-4345 CVE-2018-4328 CVE-2018-4323 CVE-2018-4319 CVE-2018-4318 CVE-2018-4317 CVE-2018-4316 CVE-2018-4315 CVE-2018-4314 CVE-2018-4312 CVE-2018-4311 CVE-2018-4309 CVE-2018-4306 CVE-2018-4299 CVE-2018-4197 CVE-2018-4191 CVE-2018-4126 Reference: ESB-2018.3348 ESB-2018.3347 Original Bulletin: https://support.apple.com/en-au/HT209198 Revision History: November 1 2018: New CVEs added October 31 2018: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-7 iCloud for Windows 7.8 iCloud for Windows 7.8 is now available and addresses the following: CoreCrypto Available for: Windows 7 and later Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum Safari Reader Available for: Windows 7 and later Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2018-4374: Ryan Pickren (ryanpickren.com) Safari Reader Available for: Windows 7 and later Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cross site scripting Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4377: Ryan Pickren (ryanpickren.com) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with Trend Micro's Zero Day Initiative CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological University working with Trend Micro's Zero Day Initiative CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative CVE-2018-4382: lokihardt of Google Project Zero CVE-2018-4386: lokihardt of Google Project Zero CVE-2018-4392: zhunki of 360 ESG Codesafe Team CVE-2018-4416: lokihardt of Google Project Zero WebKit Available for: Windows 7 and later Impact: A malicious website may be able to cause a denial of service Description: A resource exhaustion issue was addressed with improved input validation. CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe Team Installation note: iCloud for Windows 7.8 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3F7rg// SAIZ05SZhVk7GneZzaTdgx7gzC8cyNpTPa7545ZYKFrQmFox1cfx/DUGm/i41S0/ i/dyP8ru6YNZyWg9Mic6taNKRC96jb8mkTyDILjFMVIbenI1oKBRHosYh5X6zo/Y f9/WphtdkNhjsBAXlfZk8cHL/Hv+Rm2K6SebC0+O/34c9+zM7h9HHaXu2doRMHDw e417R/VnC3LQWhltb63Ofwt/h+qsSdKLwk+r+a/+YrNXFtRZ6r9nufT9iN3Xrmwo 7gUZcIxprwvpV4l5SXDqrFtyE2+Jx31Zji/ziElmKVWHBUSegyXIiPeuckCrAaeb ok23j/OmsBcuHtdvnsNSulVJbzOME6dYDAqiEDOSCRjghragj+7Fp//a4lHCTBkX G2ZiHQmVQ7DZ/boCuVl3TcX1tm7FAJG2czjIEsR14SpYih1CVHBEHGHOn8SW/QcS c5gXfm/s8dzi5vwlo2afLRByzbfHwBtD6t9hIzOnzTZIydXHAFt6kXvDnyACkKq9 Be8c3eDL3SuB+X7V4Ufg/X4f/lQn3dg9Db5/YShfmXq7FpymeM5vxPOKLgrIva4Q h1fl0F8QGpMxi5COdj9joz/umR1XDjjeOuRB8OjSdHAhFs2Wiw5FdcdI/Sh2fYnJ invSJ2RHdqpm/E4gsUgUKWEvUqUsX/Y311bHwxe64p0= =tFdf - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-12 Additional information APPLE-SA-2018-10-08-2 iCloud for Windows 7.7 iCloud for Windows 7.7 addresses the following: CFNetwork Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 CoreFoundation Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreFoundation Available for: Windows 7 and later Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreText Available for: Windows 7 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018 WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4197: Ivan Fratric of Google Project Zero CVE-2018-4306: Ivan Fratric of Google Project Zero CVE-2018-4312: Ivan Fratric of Google Project Zero CVE-2018-4314: Ivan Fratric of Google Project Zero CVE-2018-4315: Ivan Fratric of Google Project Zero CVE-2018-4317: Ivan Fratric of Google Project Zero CVE-2018-4318: Ivan Fratric of Google Project Zero WebKit Available for: Windows 7 and later Impact: A malicious website may exfiltrate image data cross-origin Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4345: an anonymous researcher WebKit Available for: Windows 7 and later Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4323: Ivan Fratric of Google Project Zero CVE-2018-4328: Ivan Fratric of Google Project Zero CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroÃ\x{159} (@5aelo) CVE-2018-4360: William Bowling (@wcbowling) WebKit Available for: Windows 7 and later Impact: A malicious website may cause unexepected cross-origin behavior Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. CVE-2018-4319: John Pettitt of Google WebKit Available for: Windows 7 and later Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative WebKit Available for: Windows 7 and later Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz Additional recognition SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative, and Zach Malone of CA Technologies for their assistance. Installation note: iCloud for Windows 7.7 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3FSmg/8 Ds7AlzrPAtVYGpfg/z2cT+cBH8/le+4Q8Uum1ogtQKY6sld4UnTr9T69FkybeIYX IZ31RgfhJNHbwS4w3vdkv2/Hnlk5uj+dbnG9kV6nIJlLbZYqM1CQ4gKLMkqzP6Y0 2mygpSWiog9/4dWafds2D0+xnUlGFmgKDmkcry6cFkYyRVW+k2bXIagGyHbMX6dC 1XEg8er/8C/ni9f+oD2reGs0uNzQSSoXxRINTmKWuxB93VuVE3Zuw2SmZp7PWQ46 HadXHp6XTFn8Z2a5FY91PQ8fuhQL5lSIk8d0eOESptq9Z+9fJaZqmRAN5930guFi CsaekkEBmqBATtAVea0CAwXGFkvHy2NiZ7MR6ZneVWRzXn8Y9WJ3SmPVyVpp9KrR uqqQuqKpE7A2uqjM2Iao8dJaAtOV6afImQsSBqMVLFFh/rls1UAnU4bMlojk1EVw amq5EbjLD8WMINZE6qf8qC5/9/99teCQHak6ApFRcxYX/R6dKb8pxlQr4bu7mX8u +HTSEEUa8dSUlfjLt7QlOYSRlr25wHuJJYmjOxAgQAJcqRhUJcBMhkKh/VWJOKNT DD0osS/MEG76VrAk78+r74YUvAu+r1iCKYv38xztafbLJRGSomSm7bIZJjYDkxZF YGk1Ck/jEE18Pp1m1aww74mOpMuTwE+xC2TGgd6xiyA= =haWb - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW9pZwGaOgq3Tt24GAQjnDQ//bnYZ+fGngUP0H4BuQs2+fX2kCIwvRn8z 4K+IN33IV9ivFqaeZusEC4b1v5w52oFMidmLjnkViEtyvU0pf3OAjTej+UnALVxb YH/g5GWfRrFiXyntxkBqRz8wWW622/Tunw9UhRotMiGt1j+lMloUdK5z63RzaS9T IfWita3bv74bVi7RE3L/dmQCyO0pga1IE0cS1aZsrw1l4ofzS/oP6Cou1EIVb3RF B4gY+LLf/r7+qrqcrFtkYq5f9Z3s7psJpWRfNRjtBujRE6AluvY2bpViKeH8kMcq T5/YBwyK4tPO0s9SjdIH8JnErFfkPAzBMijiJ9PESW7xXcfXKwGKiPlhud96J7+b m2QOAHmA3m45bevuHwgKQFIvmUdyCKDdPqChTZtZIoh8Oh11ToFF1hHfUXxN8Gub EELK0DmYkiOE9oUO2UCKAFIYZvgFaJ5yMLMoSwIdlOqIzezig0qNvZlJJ9IPSs76 PFSQLA0i8pHwMX86Ui63YA4Wci62/1Fc08FM407Nw45mN+5VPlu8J8lM1EuKpyRd 9kQ916ENsFcItYGr4XOSCk9b6o4X0//J1gr1PGOXmajD+T3Bdoi3jUHP31xjXOBQ 1ozaK52gOC83FllRcdVFEJj87ddE75eblEP/4mIoziXgWFJgk3aVpqwtv9RtkMqi NeD9t6HcIgo= =9hOF -----END PGP SIGNATURE-----