Home / mailings APPLE-SA-09-16-2024-7 Xcode 16
Posted on 17 September 2024
Apple Security-announceAPPLE-SA-09-16-2024-7 Xcode 16
Xcode 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121239.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
IDE Documentation
Available for: macOS Sonoma 14.5 and later
Impact: A malicious application may gain access to a user's Keychain
items
Description: This issue was addressed by enabling hardened runtime.
CVE-2024-44162: Mickey Jin (@patch1t)
IDE Tools
Available for: macOS Sonoma 14.5 and later
Impact: An attacker may be able to determine the Apple ID of the owner
of the computer
Description: A privacy issue was addressed by removing sensitive data.
CVE-2024-40862: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Kernel
Available for: macOS Sonoma 14.5 and later
Impact: An app may gain unauthorized access to Bluetooth
Description: This issue was addressed through improved state management.
CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven
(@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef
Additional recognition
Reality Composer Pro
We would like to acknowledge Ron Masas of BreakPoint.sh for their
assistance.
Swift
We would like to acknowledge Banavath Aravind for their assistance.
Xcode 16 may be obtained from:
https://developer.apple.com/xcode/downloads/ To check that the Xcode
has been updated: * Select Xcode in the menu bar * Select About
Xcode * The version after applying this update will be "Xcode 16".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
