Apple Family Security Update Advisory

Overview

 

Apple hasreleased an update to address a vulnerability in their products. Users of affected versions are advised to update to the latest version.

 

Affected Products

CVE-2024-40804

  • Apple macOS Sonoma versions: ~ 14.6 (excluded)

 

CVE-2024-40783

  • Apple macOS Monterey versions: ~ 12.7.6 (excluded)
  • Apple macOS Sonoma versions: ~ 14.6 (excluded)
  • Apple macOS Ventura versions: ~ 13.6.8 (excluded)

 

CVE-2024-40799

  • Apple iPhone (8, 8 Plus, X) versions: ~ 16.7.9 (excluded)
  • Apple iPad 5th generation versions: ~ 16.7.9 (excluded)
  • Apple iPad Pro (9.7-inch, 12.9-inch 1st generation) versions: ~ 16.7.9 (excluded)

 

  • Apple iPhone XS or later versions: ~ 17.6 (excluded)
  • Apple iPad Pro (13-inch, 12.9-inch 2nd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: ~ 17.6 (excluded)
  • Apple iPad Air (3rd generation or later) versions: ~ 17.6 (excluded)
  • Apple iPad 6th generation or later versions: ~ 17.6 (excluded)
  • Apple iPad mini 5th generation or later versions: ~ 17.6 (excluded)

 

  • Apple macOS Monterey versions: ~ 12.7.6 (excluded)
  • Apple macOS Sonoma versions: ~ 14.6 (excluded)
  • Apple macOS Ventura versions: ~ 13.6.8 (excluded)

 

  • Apple TV (HD, 4K) all versions: ~ 17.6 (excluded)
  • Apple Vision Pro versions: ~ 1.3 (excluded)
  • Apple Watch Series 4 or later versions: ~ 10.6 (excluded)

 

CVE-2024-40774

  • Apple iPhone XS or later versions: ~ 17.6 (excluded)
  • Apple iPad Pro (13-inch, 12.9-inch 2nd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: ~ 17.6 (excluded)
  • Apple iPad Air (3rd generation or later) versions: ~ 17.6 (excluded)
  • Apple iPad 6th generation or later versions: ~ 17.6 (excluded)
  • Apple iPad mini 5th generation or later versions: ~ 17.6 (excluded)

 

  • Apple macOS Monterey versions: ~ 12.7.6 (excluded)
  • Apple macOS Sonoma versions: ~ 14.6 (excluded)
  • Apple macOS Ventura versions: ~ 13.6.8 (excluded)

 

  • Apple TV (HD, 4K) all versions: ~ 17.6 (excluded)
  • Apple Watch Series 4 or later versions: ~ 10.6 (excluded)

 

CVE-2024-40817

  • Apple macOS Monterey versions: ~ 12.7.6 (excluded)
  • Apple macOS Sonoma versions: ~ 14.6 (excluded)
  • Apple macOS Ventura versions: ~ 13.6.8 (excluded)

 

  • Apple Safari (for macOS Monterey, Ventura installations) versions: ~ 17.6 (excluded)

 

CVE-2024-27826

  • Apple iPhone XS or later versions: ~ 17.5 (excluded)
  • Apple iPad Pro (13-inch, 12.9-inch 3rd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: ~ 17.5 (excluded)
  • Apple iPad Air (3rd generation or later) versions: ~ 17.5 (excluded)
  • Apple iPad 8th generation or later versions: ~ 17.5 (excluded)
  • Apple iPad mini 5th generation or later versions: ~ 17.5 (excluded)

 

  • Apple TV (HD, 4K) all versions: ~ 17.5 (excluded)
  • Apple Watch Series (9, Ultra 2) versions: ~ 10.5 (excluded)
  • Apple macOS Sonoma versions: ~ 14.5 (excluded)
  • Apple macOS Monterey versions: ~ 12.7.6 (excluded)
  • Apple macOS Ventura versions: ~ 13.6.8 (excluded)
  • Apple Vision Pro versions: ~ 1.3 (excluded)

 

 

Resolved Vulnerabilities

Vulnerability that could allow malicious applications to access personal information (CVE-2024-40804)
Vulnerability that could allow malicious applications to bypass privacy preferences (CVE-2024-40783)

Vulnerability that could cause an app to terminate unexpectedly when handling a maliciously crafted file (CVE-2024-40799)
Vulnerability that could allow an application to bypass privacy preferences (CVE-2024-40774)
Vulnerability that could allow UI spoofing when visiting a website that frames malicious content (CVE-2024-40817)
Vulnerability that could allow an application to execute arbitrary code with kernel privileges (CVE-2024-27826)

 

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-40804

  • Apple macOS Sonoma version: 14.6

 

CVE-2024-40783

  • Apple macOS Monterey version: 12.7.6
  • Apple macOS Sonoma version: 14.6
  • Apple macOS Ventura version: 13.6.8

 

CVE-2024-40799

  • Apple iPhone (8, 8 Plus, X) version: 16.7.9
  • Apple iPad (5th generation) version: 16.7.9
  • Apple iPad Pro (9.7-inch, 12.9-inch 1st generation) version: 16.7.9

 

  • Apple iPhone XS or later versions: ~ 17.6
  • Apple iPad Pro (13-inch, 12.9-inch 2nd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: 17.6
  • Apple iPad Air 3rd generation or later versions: 17.6
  • Apple iPad 6th generation or later versions: 17.6
  • Apple iPad mini 5th generation or later versions: 17.6

 

  • Apple macOS Monterey version: 12.7.6
  • Apple macOS Sonoma version: 14.6
  • Apple macOS Ventura version: 13.6.8

 

  • Apple TV (HD, 4K) all versions: 17.6
  • Apple Vision Pro version: 1.3
  • Apple Watch Series 4 or later versions: 10.6

 

CVE-2024-40774

  • Apple iPhone XS or later versions: 17.6
  • Apple iPad Pro (13-inch, 12.9-inch 2nd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: 17.6
  • Apple iPad Air 3rd generation or later versions: 17.6
  • Apple iPad 6th generation or later versions: 17.6
  • Apple iPad mini 5th generation or later versions: 17.6

 

  • Apple macOS Monterey version: 12.7.6
  • Apple macOS Sonoma version: 14.6
  • Apple macOS Ventura version: 13.6.8

 

  • Apple TV (HD, 4K) all versions: 17.6
  • Apple Watch Series 4 or later versions: 10.6

 

CVE-2024-40817

  • Apple macOS Monterey version: 12.7.6
  • Apple macOS Sonoma version: 14.6
  • Apple macOS Ventura version: 13.6.8

 

  • Apple Safari (for macOS Monterey, Ventura installations) versions: 17.6

 

CVE-2024-27826

  • Apple iPhone XS or later version: 17.5
  • Apple iPad Pro (13-inch, 12.9-inch 3rd generation or later, 10.5-inch, 11-inch 1st generation or later) versions: 17.5
  • Apple iPad Air 3rd generation or later versions: 17.5
  • Apple iPad 8th generation or later versions: 17.5
  • Apple iPad mini 5th generation or later versions: 17.5

 

  • Apple TV (HD, 4K) all versions: 17.5
  • Apple Watch Series (9, Ultra 2) versions: 10.5
  • Apple macOS Sonoma version: 14.5
  • Apple macOS Monterey version: 12.7.6
  • Apple macOS Ventura version: 13.6.8
  • Apple Vision Pro version: 1.3

 

 

Referenced Sites

[1] CVE-2024-40804 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40804

[2] CVE-2024-40783 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40783

[3] CVE-2024-40799 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40799

[4] CVE-2024-40774 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40774

[5] CVE-2024-40817 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-40817

[6] CVE-2024-27826 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-27826

[7] About the security content of iOS 17.5 and iPadOS 17.5

https://support.apple.com/en-us/HT214101

[8] About the security content of tvOS 17.5

https://support.apple.com/en-us/HT214102

[9] About the security content of watchOS 10.5

https://support.apple.com/en-us/HT214104

[10]About the security content of macOS Sonoma 14.5

https://support.apple.com/en-us/HT214106

[11] About the security content of iOS 16.7.9 and iPadOS 16.7.9

https://support.apple.com/en-us/HT214116

[12] About the security content of iOS 17.6 and iPadOS 17.6

https://support.apple.com/en-us/HT214117

[13] About the security content of macOS Monterey 12.7.6

https://support.apple.com/en-us/HT214118

[14] About the security content of macOS Sonoma 14.6

https://support.apple.com/en-us/HT214119

[15] About the security content of macOS Ventura 13.6.8

https://support.apple.com/en-us/HT214120

[16] About the security content of Safari 17.6

https://support.apple.com/en-us/HT214121

[17]About the security content of tvOS 17.6

https://support.apple.com/en-us/HT214122

[18] About the security content of visionOS 1.3

https://support.apple.com/en-us/HT214123

[19] About the security content of watchOS 10.6

https://support.apple.com/en-us/HT214124

Article Link: https://asec.ahnlab.com/en/82143/