Home / mailingsPDF  

APPLE-SA-2023-09-21-4 watchOS 10.0.1

Posted on 21 September 2023
Apple Security-announce

APPLE-SA-2023-09-21-4 watchOS 10.0.1

watchOS 10.0.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213928.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Kernel
Available for: Apple Watch Series 4 and later
Impact: A local attacker may be able to elevate their privileges. Apple
is aware of a report that this issue may have been actively exploited
against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of
Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

Security
Available for: Apple Watch Series 4 and later
Impact: A malicious app may be able to bypass signature
validation. Apple is aware of a report that this issue may have been
actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of
Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

 

TOP