Apple Family March 2024 1st Security Update Advisory
Overview
Apple (https://apple.com) has released security updates that fix vulnerabilities in its products. Users of affected products are advised to update to the latest version.
Affected Products
macOS Ventura
macOS Sonoma
macOS Monterey
Apple Watch Series 4 and later
Apple TV HD
Apple TV 4K (all models)
Apple Vision Pro
Resolved Vulnerabilities
The following vulnerabilities were patched in the March 7, 2024 product-specific updates:
Safari 17.4
Vulnerability in Safari Private Browsing feature that could allow access to private browsing tabs without authentication (CVE-2024-23273)
Vulnerability in WebKit functionality that could cause a denial of service due to web content handling (CVE-2024-23252)
Vulnerability in WebKit functionality that could allow a malicious website to exfiltrate audio data cross-origin (CVE-2024-23254)
Vulnerabilities in WebKit functions that could cause content security policies to be unenforced when handling maliciously crafted web content (CVE-2024-23263, CVE-2024-23284)
Vulnerability in WebKit functionality that could allow a maliciously crafted web page to fingerprint the user (CVE-2024-23280)
macOS Sonoma 14.4
Vulnerability in the Accessibility feature that could allow malicious apps to observe user data in log entries related to accessibility notifications (CVE-2024-23291)
Vulnerability in the Admin Framework feature that could allow an app to escalate privileges (CVE-2024-23276)
Vulnerability in the Airport feature that could allow an app to read sensitive location information (CVE-2024-23227)
Vulnerability in the AppleMobileFileIntegrity feature that could allow entitlement and privacy permissions granted to this app to be used by a malicious app (CVE-2024-23233)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to modify protected parts of the file system (CVE-2024-23269)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to escalate privileges (CVE-2024-23288)
Vulnerability in the Bluetooth feature that could allow an attacker in a privileged position on the network to inject keystrokes by spoofing the keyboard (CVE-2024-23277)
Vulnerability in the ColorSync feature that could allow arbitrary code execution (CVE-2024-23247)
Vulnerability in the ColorSync function that could cause a denial of service due to file handling or potentially disclose memory contents (CVE-2024-23248, CVE-2024-23249)
Vulnerability in CoreBluetooth – LE functionality that could allow an app to access a Bluetooth-connected microphone without user permission (CVE-2024-23250)
Vulnerability in the Dock feature that could allow an app with a standard user account to escalate privileges after administrator login (CVE-2024-23244)
Vulnerability in the ExtensionKit function that could allow an app to access sensitive user data (CVE-2024-23205)
Vulnerability in the file feature that could cause a denial of service due to file handling and potentially disclose memory contents (CVE-2022-48554)
Vulnerability in the Image Capture function that could allow an app to access the user’s photo library (CVE-2024-23253)
Vulnerability in the Image Processing feature that could allow arbitrary code execution (CVE-2024-23270)
Vulnerability in ImageIO function that could disclose process memory when processing an image (CVE-2024-23257)
Vulnerabilities in the ImageIO function that could allow arbitrary code execution (CVE-2024-23258, CVE-2024-23286)
Vulnerability in the Intel Graphics Driver function that could allow arbitrary code execution (CVE-2024-23234)
Vulnerability in Kerberos v5 PAM module functionality that could allow an app to modify protected parts of the file system (CVE-2024-23266)
Vulnerability in Kernel functions that could allow an app to access user sensitive data (CVE-2024-23235)
Vulnerability in a kernel function that could allow an app to unexpectedly terminate the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Vulnerability in the libxpc function that could allow an app to break out of its sandbox (CVE-2024-23278)
Vulnerability in the libxpc feature that could allow arbitrary code execution (CVE-2024-0258)
Vulnerability in the MediaRemote function that could allow an app to access user sensitive data (CVE-2024-23279)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2024-23287)
Unauthorized memory area read vulnerability in the Metal feature (CVE-2024-23264)
Vulnerability in the Music feature that could allow an app to create a symbolic link to a protected area on disk (CVE-2024-23285)
Vulnerability in the Notes feature that could allow an app to access user sensitive data (CVE-2024-23283)
Vulnerabilities in the OpenSSH feature related to certain module functionality (CVE-2023-48795, CVE-2023-51384, CVE-2023-51385)
Vulnerability in the PackageKit function that could allow an app to modify protected parts of the file system (CVE-2022-42816)
Arbitrary file write vulnerability in PackageKit functionality (CVE-2024-23216)
Vulnerability in PackageKit functionality that could allow an app to bypass certain privacy preferences (CVE-2024-23267)
Vulnerability in PackageKit functionality that could allow an app to escalate privileges (CVE-2024-23268, CVE-2024-23274)
Vulnerability in PackageKit functionality that could allow an app to access user sensitive data (CVE-2023-42853)
Vulnerability in the PackageKit function that could allow an app to access protected user data (CVE-2024-23275)
Vulnerability in the Photos feature that allows photos in hidden photo albums to be viewed without authentication (CVE-2024-23255)
Vulnerability in QuartzCore function that could allow code execution if malicious input is handled (CVE-2024-23294)
A vulnerability in RTKit functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23296)
A vulnerability in Safari features that could cause a denial of service due to web content handling (CVE-2024-23259)
Vulnerability in the Safari Private Browsing feature that could allow access to the private browsing tab without authentication (CVE-2024-23273)
Vulnerability in the Sandbox feature that could allow an app to edit NVRAM variables (CVE-2024-23238)
Vulnerability in the Sandbox feature that could allow sensitive user information to be leaked (CVE-2024-23239)
Vulnerability in the Sandbox feature that could allow an app to access sensitive user data (CVE-2024-23290)
Vulnerability in the Screen Capture feature that could allow user screen capture (CVE-2024-23232)
Vulnerability in the Share Sheet feature that could allow an app to access user sensitive data (CVE-2024-23231)
Vulnerability in SharedFileList functionality that could allow an app to access sensitive user data (CVE-2024-23230)
Vulnerability in the Shortcuts feature that could allow third-party shortcuts to use a legacy Automator action to send events to apps without user consent (CVE-2024-23245)
Vulnerability in the Shortcuts feature that could allow an app to access a user’s contact information (CVE-2024-23292)
Vulnerability in the Siri feature that could allow someone with physical access to the device to access personal calendar information using Siri (CVE-2024-23289)
Vulnerability in the Siri feature that could allow an attacker with physical access to use Siri to access sensitive user data (CVE-2024-23293)
Vulnerability in the Spotlight feature that could allow sensitive user information to be exfiltrated (CVE-2024-23241)
Vulnerability in the Storage Services feature that could allow users to access protected areas of the file system (CVE-2024-23272)
Vulnerability in the Synapse function that could allow an app to view mail data (CVE-2024-23242)
Vulnerability in the System Settings feature that could allow an app to access sensitive user data (CVE-2024-23281)
Vulnerability in TV App functionality that could allow an app to access sensitive user data (CVE-2024-23260)
Vulnerability in UIKit functionality that could allow an app to break out of its sandbox (CVE-2024-23246)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2024-23226)
Vulnerability in WebKit functionality that could cause a denial of service due to web content handling (CVE-2024-23252)
Vulnerability in WebKit functionality that could allow malicious websites to exfiltrate audio data cross-origin (CVE-2024-23254)
Vulnerabilities in WebKit functions that could cause content security policies to be unenforced when handling maliciously crafted web content (CVE-2024-23263, CVE-2024-23284)
Vulnerability in WebKit functionality that could allow a maliciously crafted web page to fingerprint the user (CVE-2024-23280)
macOS Ventura 13.6.5
Vulnerability in the Admin Framework feature that could allow an app to escalate privileges (CVE-2024-23276)
Vulnerability in the Airport feature that could allow an app to read sensitive location information (CVE-2024-23227)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to modify protected parts of the file system (CVE-2024-23269)
Vulnerability in the ColorSync feature that could allow arbitrary code execution (CVE-2024-23247)
Vulnerability in the CoreCrypto function that could allow an attacker to decrypt a legacy RSA PKCS#1 v1.5 ciphertext without a private key (CVE-2024-23218)
Vulnerability in the Image Processing function that could allow arbitrary code execution (CVE-2024-23270)
Vulnerability in the ImageIO function that could allow arbitrary code execution (CVE-2024-23286)
Image processing in the ImageIO function could disclose process memory (CVE-2024-23257)
Vulnerability in the Intel Graphics Driver function that could allow arbitrary code execution (CVE-2024-23234)
Vulnerability in Kerberos v5 PAM module functionality that could allow an app to modify protected parts of the file system (CVE-2024-23266)
Vulnerability in Kernel functions that could allow an app to unexpectedly shut down the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Vulnerability in the libxpc function that could allow an app to cause a denial of service (CVE-2024-23201)
Vulnerability in the libxpc function that could allow an app to break out of its sandbox (CVE-2024-23278)
Vulnerability in the MediaRemote feature that could allow an app to access sensitive user data (CVE-2023-28826)
Unauthorized memory region read vulnerability in the Metal feature (CVE-2024-23264)
Vulnerability in the Notes feature that could allow an app to access sensitive user data (CVE-2024-23283)
Vulnerability in the PackageKit feature that could allow an app to escalate privileges (CVE-2024-23274, CVE-2024-23268)
Vulnerability in PackageKit functionality that could allow an app to access protected user data (CVE-2024-23275)
Vulnerability in PackageKit functionality that could allow an app to bypass certain privacy preferences (CVE-2024-23267)
Arbitrary file write vulnerability in the PackageKit feature (CVE-2024-23216)
Vulnerability in the Share Sheet function that could allow an app to access user sensitive data (CVE-2024-23231)
Vulnerability in the SharedFileList function that could allow an app to access sensitive user data (CVE-2024-23230)
Vulnerabilities in the Shortcuts feature that allow shortcuts to use sensitive data with certain actions without prompting the user (CVE-2024-23203, CVE-2024-23204)
Vulnerability in the Shortcuts feature that allows third-party shortcuts to use a legacy Automator action to send events to apps without user consent (CVE-2024-23245)
Vulnerability in the Shortcuts feature that could allow an app to bypass certain privacy preferences (CVE-2024-23217)
Vulnerability in the Storage Services feature that could allow a user to access protected areas of the file system (CVE-2024-23272)
macOS Monterey 12.7.4
Vulnerability in the Admin Framework feature that could allow an app to escalate privileges (CVE-2024-23276)
Vulnerability in the Airport feature that could allow an app to read sensitive location information (CVE-2024-23227)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to modify protected parts of the file system (CVE-2024-23269)
Vulnerability in the ColorSync feature that could allow arbitrary code execution (CVE-2024-23247)
Vulnerability in the CoreCrypto function that could allow an attacker to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without a private key (CVE-2024-23218)
Vulnerability in the Dock feature that allows apps in the standard user account to escalate privileges after administrator login (CVE-2024-23244)
Vulnerability in the Image Processing feature that could allow arbitrary code execution (CVE-2024-23270)
Vulnerability in the ImageIO function that could allow arbitrary code execution (CVE-2024-23286)
Image processing in the ImageIO function could disclose process memory (CVE-2024-23257)
Vulnerability in the Intel Graphics Driver function that could allow arbitrary code execution (CVE-2024-23234)
Vulnerability in Kerberos v5 PAM module functionality that could allow an app to modify protected parts of the file system (CVE-2024-23266)
Vulnerability in Kernel functions that could allow an app to unexpectedly shut down the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Vulnerability in the libxpc function that could allow an app to cause a denial of service (CVE-2024-23201)
Vulnerability in the MediaRemote feature that could allow an app to access sensitive user data (CVE-2023-28826)
Unauthorized memory region read vulnerability in the Metal feature (CVE-2024-23264)
Vulnerability in the Notes feature that could allow an app to access sensitive user data (CVE-2024-23283)
Vulnerability in the PackageKit feature that could allow an app to escalate privileges (CVE-2024-23274, CVE-2024-23268)
Vulnerability in PackageKit functionality that could allow an app to access protected user data (CVE-2024-23275)
Vulnerability in PackageKit functionality that could allow an app to bypass certain privacy preferences (CVE-2024-23267)
Arbitrary file write vulnerability in the PackageKit function (CVE-2024-23216)
Vulnerability in the SharedFileList function that could allow an app to access sensitive user data (CVE-2024-23230)
Vulnerability in the Shortcuts feature that could allow shortcuts to consume sensitive data with certain actions without prompting the user (CVE-2024-23204)
Vulnerability in the Shortcuts feature that allows third-party shortcuts to use a legacy Automator action to send events to apps without user consent (CVE-2024-23245)
Vulnerability in the Storage Services feature that allows users to access protected areas of the file system (CVE-2024-23272)
watchOS 10.4
Vulnerability in the Accessibility feature that allows malicious apps to observe user data in log entries related to accessibility notifications (CVE-2024-23291)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to escalate privileges (CVE-2024-23288)
Vulnerability in the CoreBluetooth – LE feature that could allow an app to access a Bluetooth-connected microphone without user permission (CVE-2024-23250)
Vulnerability in the file function that could cause a denial of service or potentially disclose memory contents due to file handling (CVE-2022-48554)
Vulnerability in the ImageIO function that could allow arbitrary code execution (CVE-2024-23286)
Vulnerability in a Kernel function that could allow an app to access user sensitive data (CVE-2024-23235)
Vulnerability in a kernel function that could allow an app to unexpectedly crash the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Vulnerability in the libxpc function that could allow an app to break out of its sandbox (CVE-2024-23278)
Vulnerability in the libxpc function that could allow arbitrary code execution (CVE-2024-0258)
Vulnerability in the MediaRemote feature that could allow malicious applications to access certain data (CVE-2024-23297)
Vulnerability in the Messages feature that could allow an app to access user sensitive data (CVE-2024-23287)
A vulnerability in the RTKit feature that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23296)
Vulnerability in the Sandbox feature that could allow sensitive user information to be leaked (CVE-2024-23239)
Vulnerability in the Sandbox feature that could allow an app to access sensitive user data (CVE-2024-23290)
Vulnerability in the Share Sheet feature that could allow an app to access sensitive user data (CVE-2024-23231)
Vulnerability in the Siri feature that could allow someone with physical access to the device to access personal calendar information using Siri (CVE-2024-23289)
Vulnerability in the Siri feature that could allow an attacker with physical access to use Siri to access sensitive user data (CVE-2024-23293)
Vulnerability in UIKit functionality that could allow an app to break out of its sandbox (CVE-2024-23246)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2024-23226)
Vulnerability in WebKit functionality that could allow malicious websites to exfiltrate audio data cross-origin (CVE-2024-23254)
Vulnerabilities in WebKit functions that could allow maliciously crafted web content to be handled without content security policies being enforced (CVE-2024-23263, CVE-2024-23284)
Vulnerability in WebKit functionality that could allow a maliciously crafted web page to fingerprint the user (CVE-2024-23280)
tvOS 17.4
Vulnerability in the Accessibility feature that could allow malicious apps to observe user data in log entries related to accessibility notifications (CVE-2024-23291)
Vulnerability in the AppleMobileFileIntegrity feature that could allow an app to escalate privileges (CVE-2024-23288)
Vulnerability in the CoreBluetooth – LE feature that could allow an app to access a Bluetooth-connected microphone without user permission (CVE-2024-23250)
Vulnerability in the file function that could cause a denial of service or potentially disclose memory contents due to file handling (CVE-2022-48554)
Vulnerability in the Image Processing function that could allow arbitrary code execution (CVE-2024-23270)
Vulnerability in the ImageIO function that could allow arbitrary code execution (CVE-2024-23286)
Vulnerability in Kernel functions that could allow an app to access user sensitive data (CVE-2024-23235)
Vulnerability in a kernel function that could allow an app to unexpectedly crash the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Vulnerability in the libxpc function that could allow an app to break out of its sandbox (CVE-2024-23278)
Vulnerability in the libxpc function that could allow arbitrary code execution (CVE-2024-0258)
Vulnerability in the MediaRemote function that could allow malicious applications to access certain data (CVE-2024-23297)
Unauthorized memory region read vulnerability in the Metal function (CVE-2024-23264)
A vulnerability in the RTKit feature that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23296)
Vulnerability in the Sandbox feature that could allow sensitive user information to be leaked (CVE-2024-23239)
Vulnerability in the Sandbox feature that could allow an app to access sensitive user data (CVE-2024-23290)
Vulnerability in the Siri feature that could allow an attacker with physical access to use Siri to access sensitive user data (CVE-2024-23293)
Vulnerability in the Spotlight feature that could allow sensitive user information to be exfiltrated (CVE-2024-23241)
Vulnerability in UIKit functionality that could allow an app to break out of its sandbox (CVE-2024-23246)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2024-23226)
Vulnerability in WebKit functionality that could allow a malicious website to exfiltrate audio data cross-origin (CVE-2024-23254)
Vulnerabilities in WebKit functions that could allow maliciously crafted web content to be handled without content security policies being enforced (CVE-2024-23263, CVE-2024-23284)
Vulnerability in WebKit functionality that could allow a maliciously crafted web page to fingerprint the user (CVE-2024-23280)
visionOS 1.1
Vulnerability in the Accessibility feature that could allow spoofing of system notifications and UI information (CVE-2024-23262)
Vulnerability in the ImageIO function that could disclose process memory when processing an image (CVE-2024-23257)
Vulnerabilities in ImageIO functions that could allow arbitrary code execution (CVE-2024-23258, CVE-2024-23286)
Vulnerability in Kernel functions that could allow an app to access user sensitive data (CVE-2024-23235)
Vulnerability in a kernel function that could allow an app to unexpectedly terminate the system or write kernel memory (CVE-2024-23265)
A vulnerability in Kernel functions that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23225)
Unauthorized memory area read vulnerability in the Metal feature (CVE-2024-23264)
Vulnerability in the Persona feature that could allow an unauthenticated user to use an unprotected persona (CVE-2024-23295)
A vulnerability in the RTKit feature that could allow an attacker with arbitrary kernel read and write capabilities to bypass kernel memory protection. Apple is aware of reports that this issue may have been exploited (CVE-2024-23296)
A vulnerability in Safari features that could allow apps to fingerprint the user (CVE-2024-23220)
Vulnerability in UIKit features that could allow an app to escape the sandbox (CVE-2024-23246)
Vulnerability in WebKit functionality that could allow arbitrary code execution (CVE-2024-23226)
Vulnerability in WebKit functionality that could allow malicious websites to exfiltrate audio data cross-origin (CVE-2024-23254)
Vulnerabilities in WebKit functionality that could cause content security policies to not be enforced when handling maliciously crafted web content (CVE-2024-23263, CVE-2024-23284)
Referenced Sites
Security Bulletins and Advisories
https://support.apple.com/en-us/HT201222
Safari 17.4
https://support.apple.com/kb/HT214089
macOS Sonoma 14.4
https://support.apple.com/kb/HT214084
macOS Ventura 13.6.5
https://support.apple.com/kb/HT214085
macOS Monterey 12.7.4
https://support.apple.com/kb/HT214083
watchOS 10.4
https://support.apple.com/kb/HT214088
tvOS 17.4
https://support.apple.com/kb/HT214086
visionOS 1.1