Apple Releases Security Updates
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Apple has released a security update to address two actively exploited zero-day vulnerabilities. The first vulnerability, also known as FORCEDENTRY, is related an integer overflow bug that could allow an attacker to create PDF documents that can execute commands when opened in iOS and macOS. The second vulnerability could allow an attacker to create a malicious web page that can execute commands when visited by iOS and macOS devices such as an iPhone. An attacker could exploit some of these vulnerabilities to take control of an affected device.
Remediation advice
Affected organisations are encouraged to review the Apple security page and apply the necessary updates.
Remediation steps
| Type | Step |
|---|---|
| Patch |
macOS Big Sur 11.6 https://support.apple.com/en-us/HT212804 |
| Patch |
Security Update 2021-005 Catalina https://support.apple.com/en-gb/HT212805 |
| Patch |
watchOS 7.6.2 https://support.apple.com/en-us/HT212806 |
| Patch |
iOS 14.8 https://support.apple.com/en-us/HT212807 |
| Patch |
iPadOS 14.8 https://support.apple.com/en-us/HT212807 |
| Patch |
Safari 14.1.2 https://support.apple.com/en-gb/HT212808 |
CVE Vulnerabilities
Last edited: 14 September 2021 12:33 pm