{"id":59768,"date":"2024-09-17T20:29:49","date_gmt":"2024-09-17T17:29:49","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/181573\/APPLE-SA-09-16-2024-7.txt"},"modified":"2024-09-17T20:29:49","modified_gmt":"2024-09-17T17:29:49","slug":"apple-security-advisory-09-16-2024-7","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/apple-security-advisory-09-16-2024-7\/","title":{"rendered":"Apple Security Advisory 09-16-2024-7"},"content":{"rendered":"<p>&#8212;&#8211;BEGIN PGP SIGNED MESSAGE&#8212;&#8211;<br \/>Hash: SHA256<\/p>\n<p>APPLE-SA-09-16-2024-7 Xcode 16<\/p>\n<p>Xcode 16 addresses the following issues.<br \/>Information about the security content is also available at<br \/>https:\/\/support.apple.com\/121239.<\/p>\n<p>Apple maintains a Security Releases page at<br \/>https:\/\/support.apple.com\/100100 which lists recent<br \/>software updates with security advisories.<\/p>\n<p>IDE Documentation<br \/>Available for: macOS Sonoma 14.5 and later<br \/>Impact: A malicious application may gain access to a user&#8217;s Keychain<br \/>items<br \/>Description: This issue was addressed by enabling hardened runtime.<br \/>CVE-2024-44162: Mickey Jin (@patch1t)<\/p>\n<p>IDE Tools<br \/>Available for: macOS Sonoma 14.5 and later<br \/>Impact: An attacker may be able to determine the Apple ID of the owner<br \/>of the computer<br \/>Description: A privacy issue was addressed by removing sensitive data.<br \/>CVE-2024-40862: Guilherme Rambo of Best Buddy Apps (rambo.codes)<\/p>\n<p>Kernel<br \/>Available for: macOS Sonoma 14.5 and later<br \/>Impact: An app may gain unauthorized access to Bluetooth<br \/>Description: This issue was addressed through improved state management.<br \/>CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven<br \/>(@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef<\/p>\n<p>Additional recognition<\/p>\n<p>Reality Composer Pro<br \/>We would like to acknowledge Ron Masas of BreakPoint.sh for their<br \/>assistance.<\/p>\n<p>Swift<br \/>We would like to acknowledge Banavath Aravind for their assistance.<\/p>\n<p>Xcode 16 may be obtained from:<br \/>https:\/\/developer.apple.com\/xcode\/downloads\/ To check that the Xcode<br \/>has been updated: * Select Xcode in the menu bar * Select About<br \/>Xcode * The version after applying this update will be &#8220;Xcode 16&#8221;.<\/p>\n<p>All information is also posted on the Apple Security Releases<br \/>web site: https:\/\/support.apple.com\/100100.<\/p>\n<p>This message is signed with Apple&#8217;s Product Security PGP key,<br \/>and details are available at:<br \/>https:\/\/www.apple.com\/support\/security\/pgp\/<br \/>&#8212;&#8211;BEGIN PGP SIGNATURE&#8212;&#8211;<\/p>\n<p>iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmboyXkACgkQX+5d1TXa<br \/>IvqCRxAAg1rkAKtcgeWhSMqBPcPT8p3dpGm0gm6f5bIIJHefxwmHcNjS6GJh7Doi<br \/>g3Dv+MJiGLOa\/B0fqdDlAuimxAyW5KrMKl4oXHmo0Hl0D8SHi2f+NL3JI91SmZts<br \/>rs1L4VpbR9uUJTCoXeZOXVH+LnXDN6jfUpD5+23kFJtuRBGw8a7BHRD1H0sl7yi9<br \/>sS8n6zvYujiQyS8zP1NWkpxVMaLwTqFuE4gLR7Whjod70cPkQOzUpa2pmvA\/xSXQ<br \/>hpT8jhV1EVXVCGySkOmks3sdOxMg2PTTJ0l1r\/hsLZSOhvbG6XyLPp1Y79uGLsnn<br \/>aZIIHdHg9DWyoy8KNbgMsyjQC5\/ZMkcEQloIgdx\/vH3L0WDEa+\/sZObrkERAKhZi<br \/>qJneaBWmasy\/I6QuoBihyo1EJhXRcDgw\/7wjJaTPxJVJEAEVXMnwhz4UokvAE6CU<br \/>Jo4qH1Yi6LLbCFuSUKUzJTq6OC0kssVp6Se2WAaqIm+5+374BgW\/x2diaS1eLgYo<br \/>e6db73koL1apAgP4vMvg3GUTA0\/e4siZ9rAKYnRTghPWaKMX93Yeab9xHh5tNKb7<br \/>INav09fDLuGBs97oe9pBfDFajYACaGdmYDA\/mtoKchMt5gkgcovysjfV51KXdz8L<br \/>dMGDYdOAtf0Lg0YkyuKEPzfYIoeTBKhWq1hZYS+ZQVULd5gkysM=<br \/>=o+oG<br \/>&#8212;&#8211;END PGP SIGNATURE&#8212;&#8211;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8212;&#8211;BEGIN PGP SIGNED MESSAGE&#8212;&#8211;Hash: SHA256 APPLE-SA-09-16-2024-7 Xcode 16 Xcode 16 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/121239. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/100100 which lists recentsoftware updates with security advisories. IDE DocumentationAvailable for: macOS Sonoma 14.5 and laterImpact: A malicious application may gain access to a user&#8217;s KeychainitemsDescription: This &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59768","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59768"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59768\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}