"MacOS 14 Sonoma Patches 60 Vulnerabilities"
Apple recently announced the release of macOS 14 Sonoma. Apple noted that the latest version of the operating system patches more than 60 vulnerabilities. Apple stated that the flaws can be exploited to obtain potentially sensitive information (location, calendar, contacts, photos, credentials), execute arbitrary code with elevated privileges, escape the sandbox, read arbitrary files, cause a denial-of-service (DoS) condition, escalate privileges, bypass security mechanisms, delete files, modify protected parts of the file system, and conduct UI spoofing. Apple noted that while some of these vulnerabilities can be exploited remotely by getting the targeted user to access a specially crafted website, a majority require the presence of a malicious app on the targeted device. A few of these vulnerabilities were first patched with previous updates, including CVE-2023-41993, which has been exploited as a zero-day to deliver spyware to iPhones. Apple also released an iOS 17 update recently but said it does not patch any security flaws.
SecurityWeek reports: "MacOS 14 Sonoma Patches 60 Vulnerabilities"