Apple Security Update

macOS High Sierra Security Update 2019-003

Apple constantly improve the security of macOS operating system. Keep your version up to date and sleep at ease.

Upgrade/Patch
macOS
1.7 GB
12,797
1.3 16 votes

Security Update 2017-004 is recommended for all users and improves the security of OS X.

This update includes the following improvements:

afclip

  • Available for: macOS Sierra 10.12.5
  • Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
  • Description: A memory corruption issue was addressed through improved input validation.
  • CVE-2017-7016: riusksk (泉哥) of Tencent Security Platform Department

afclip

Available for: macOS Sierra 10.12.5

  • Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7033: riusksk (泉哥) of Tencent Security Platform Department

AppleGraphicsPowerManagement

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team

Audio

  • Available for: macOS Sierra 10.12.5
  • Impact: Processing a maliciously crafted audio file may disclose restricted memory
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7015: riusksk (泉哥) of Tencent Security Platform Department

Bluetooth

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc.
  • CVE-2017-7051: Alex Plaskett of MWR InfoSecurity

Bluetooth

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7054: Alex Plaskett of MWR InfoSecurity, Lufeng Li of Qihoo 360 Vulcan Team

Contacts

  • Available for: macOS Sierra 10.12.5
  • Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
  • Description: A buffer overflow issue was addressed through improved memory handling.
  • CVE-2017-7062: Shashank (@cyberboyIndia)

CoreAudio

  • Available for: macOS Sierra 10.12.5
  • Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution
  • Description: A memory corruption issue was addressed with improved bounds checking.
  • CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team

curl

  • Available for: macOS Sierra 10.12.5
  • Impact: Multiple issues in curl
  • Description: Multiple issues were addressed by updating to version 7.54.0.
  • CVE-2016-9586
  • CVE-2016-9594
  • CVE-2017-2629
  • CVE-2017-7468

Foundation

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: Processing a maliciously crafted file may lead to arbitrary code execution
  • Description: A memory corruption issue was addressed through improved input validation.
  • CVE-2017-7031: HappilyCoded (ant4g0nist and r3dsm0k3)

Intel Graphics Driver

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7014: Lee of Minionz, Axis and sss of Qihoo 360 Nirvan Team
  • CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)
  • CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team
  • CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team

Intel Graphics Driver

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to read restricted memory
  • Description: A validation issue was addressed with improved input sanitization.
  • CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team
  • CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team

IOUSBFamily

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team

Kernel

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7022: an anonymous researcher
  • CVE-2017-7024: an anonymous researcher

Kernel

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7023: an anonymous researcher

Kernel

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7025: an anonymous researcher
  • CVE-2017-7027: an anonymous researcher
  • CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team

Kernel

  • Available for: macOS Sierra 10.12.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7026: an anonymous researcher

Kernel

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to read restricted memory
  • Description: A validation issue was addressed with improved input sanitization.
  • CVE-2017-7028: an anonymous researcher
  • CVE-2017-7029: an anonymous researcher

Kernel

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to read restricted memory
  • Description: A validation issue was addressed with improved input sanitization.
  • CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team

kext tools

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team

libarchive

  • Available for: macOS Sierra 10.12.5
  • Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
  • Description: A buffer overflow was addressed through improved bounds checking.
  • CVE-2017-7068: found by OSS-Fuzz

libxml2

  • Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5
  • Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information
  • Description: An out-of-bounds read was addressed through improved bounds checking.
  • CVE-2017-7010: Apple
  • CVE-2017-7013: found by OSS-Fuzz

libxpc

  • Available for: macOS Sierra 10.12.5 and OS X El Capitan 10.11.6
  • Impact: An application may be able to execute arbitrary code with system privileges
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-7047: Ian Beer of Google Project Zero

Wi-Fi

  • Available for: macOS Sierra 10.12.5
  • Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
  • Description: A memory corruption issue was addressed with improved memory handling.
  • CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

Apple macOS Security Updates for previous versions:

Apple macOS Security Update Mountain Lion 2015-006

Apple macOS Security Update Mac EFI Security Update 2015-002

Apple macOS Security Update Server Lion 2014-004

Apple macOS Security Update Lion 2017-004

Apple macOS Security Update Snow Leopard 2013-004

Apple macOS Security Update Leopard 2012-003

Apple macOS Security Update Tiger Intel 2009-005

Apple macOS Security Update Tiger PPC 2009-005

Apps similar to Apple Security Update 4

  • 4.4
    241 votes
    macOS Mojave brings new features inspired by its most powerful users, but designed for everyone. Stay better focused on your work in Dark Mode. Automatically organize files using Stacks.
    • Freeware
    • macOS
  • 4.4
    782 votes
    macOS High Sierra helps you rediscover your best photos, shop faster and more conveniently online, and work more seamlessly between devices.
    • Freeware
    • Windows
  • 3.8
    200 votes
    iTunes is a free application for Mac and PC. It plays all your digital music and video. It syncs content to your iPod, iPhone, and Apple TV.
    • Freeware
    • macOS
  • More