Apple has released security updates for several of its products to address vulnerabilities that could allow an attacker to take control of an infected system.
The vulnerabilities affect iCloud for Windows, Safari, iTunes, various macOS versions, tvOS and iOS, among other products, according to a Dec. 5 US-CERT advisory.
“NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates,” the advisory said.
The iOS updates include patches for a type confusion issue in Airport that could be exploited to elevate privileges, a lock screen issue in FaceTime that could allow a local attacker to view contacts from the lock screen, and several Kernel flaws that can lead to escalated privileges.
The update also addresses iTunes issues in Safari for Windows 7 and later which could lead to address bar spoofing as well as user interface spoofing.
