Disponible versión final 10.14.1 con un pack megadolon de parches desde wi-fi hasta red, dns, vpn, gráficos y Kernel.
Se nota que estamos vendidos con Apple je je
Lo que soluciona 10.14.1
Dock
Available for: macOS Mojave 10.14
Impact: A malicious application may be able to access restricted files
Description: This issue was addressed by removing additional entitlements.
dyld
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved validation.
EFI
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: A local user may be able to modify protected parts of the file system
Description: A configuration issue was addressed with additional restrictions.
ICU
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: Processing a maliciously crafted string may lead to heap corruption
Description: A memory corruption issue was addressed with improved input validation.
IOGraphics
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
IOKit
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
IPSec
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input validation.
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed by removing the vulnerable code
Kernel
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
Kernel
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with improved memory handling.
Kernel
Available for: macOS Mojave 10.14
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A buffer overflow was addressed with improved size validation.
Mail
Available for: macOS Mojave 10.14
Impact: Processing a maliciously crafted mail message may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with improved state management.
Microcode
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis
Description: An information disclosure issue was addressed with a microcode update. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel.
NetworkExtension
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy
Description: A logic issue was addressed with improved state management.
Security
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: Processing a maliciously crafted S/MIME signed message may lead to a denial of service
Description: A validation issue was addressed with improved logic.
WiFi
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14
Impact: An attacker in a privileged position may be able to perform a denial of service attack
Description: A denial of service issue was addressed with improved validation.