from Hacker News

iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4 Address 60 Vulnerabilities

by samename on 3/31/25, 7:53 PM with 1 comments

  • by samename on 3/31/25, 7:57 PM

    These are only the vulnerabilities known and with a CVE. How many remain that are unknown, known but not easily fixed, being sold, or being fixed silently by Apple? The impact on these are striking. Is OS security at this scale that difficult or simply an afterthought?

    > Accessibility: Impact: An app may be able to access sensitive user data Description: A logging issue was addressed with improved data redaction.

    > Accounts: Impact: Sensitive keychain data may be accessible from an iOS backup

    > Authentication Services: Impact: Password autofill may fill in passwords after failing authentication

    > Authentication Services: Impact: A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix Description: This issue was addressed through improved state management.