![]() ![]() Peer-to-peer money transfers: Apple Pay now allows you to transfer money to friends and family, much like Venmo.It can also instantly translate English phrases into other languages. Siri improvements: Siri, Apple's personal digital assistant, has new voices (male and female) that sound more natural.IOS 11 includes numerous tweaks, improvements, and new features. iOS 11 is free to download, like all previous versions of iOS. Impact: An attacker in Wi-Fi range may force nonce reuse in WPA multicast/GTK clients (Key Reinstallation Attacks - KRACK)Nothing. This was addressed with improved state management.ĬVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU LeuvenĬVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU LeuvenĪvailable for: iPhone 7 and later, and iPad Pro 9.7-inch (early 2016) and later Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK)ĭescription: A logic issue existed in the handling of state transitions. Not impacted: iPhone 7, iPhone 7 Plus, iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s, iPad Air and later, and iPod Touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: Multiple memory corruption issues were addressed with improved memory handling.ĬVE-2017-13783: Ivan Fratric of Google Project ZeroĬVE-2017-13784: Ivan Fratric of Google Project ZeroĬVE-2017-13785: Ivan Fratric of Google Project ZeroĬVE-2017-13791: Ivan Fratric of Google Project ZeroĬVE-2017-13792: Ivan Fratric of Google Project ZeroĬVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day InitiativeĬVE-2017-13794: Ivan Fratric of Google Project ZeroĬVE-2017-13795: Ivan Fratric of Google Project ZeroĬVE-2017-13796: Ivan Fratric of Google Project ZeroĬVE-2017-13797: Ivan Fratric of Google Project ZeroĬVE-2017-13798: Ivan Fratric of Google Project ZeroĬVE-2017-13788: xisigr of Tencent's Xuanwu Lab ()ĬVE-2017-13802: Ivan Fratric of Google Project ZeroĬVE-2017-13803: chenqin (陈钦) of Ant-financial Light-Year SecurityĪvailable for: iPhone 8, iPhone 8 Plus, and iPhone X This issue was addressed through improved state management.ĬVE-2017-7113: an anonymous researcher, Duraiamuthan Harikrishnan of Tech Mahindra, Ricardo Sampayo of Bemo LtdĪvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Characters in a secure text field might be revealedĭescription: The characters in a secure text field were revealed during focus change events. Impact: A malicious zip file may be able modify restricted areas of the file systemĭescription: A path handling issue was addressed with improved validation.ĬVE-2017-13804: at KJC Research Intl. This was addressed with improved permission checking.ĬVE-2017-13805: Yiğit Can YILMAZ Ayden Panhuyzen () Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screenĭescription: An issue existed with Siri permissions. This issue was addressed with improved state management.ĬVE-2017-13844: Miguel Alvarado of iDeviceHelp INC Impact: A person with physical access to an iOS device may be able to access photos from the lock screenĭescription: A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed through rate limiting.ĬVE-2017-13852: Xiaokuan Zhang and Yinqian Zhang of The Ohio State University, Xueqiang Wang and XiaoFeng Wang of Indiana University Bloomington, and Xiaolong Bai of Tsinghua University Impact: A malicious application may be able to learn information about the presence and operation of other applications on the device.ĭescription: An application was able to access process information maintained by the operating system unrestricted. ![]() Impact: An application may be able to execute arbitrary code with kernel privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-13799: Lufeng Li of Qihoo 360 Vulcan Team Impact: Processing a maliciously crafted text file may lead to an unexpected application terminationĭescription: A denial of service issue was addressed through improved memory handling. Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
0 Comments
Leave a Reply. |