CVE-2017-13832 Apple macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan Not Installed

漏洞类别:Local

漏洞等级:

漏洞信息

Apple macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan Not Installed.

An update is available to resolve multiple security vulnerabilities.
Additional information regarding the update can be found at HT208221.
Multiple vulnerabilities were reported in Apple macOS/OS X. QID Detection Logic (authenticated):
This QID looks for the missing security patches from High Sierra, Sierra and El Capitan.

漏洞危害

A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user’s system.
An application can obtain potentially sensitive information from system memory on the target system.
An application can obtain elevated privileges on the target system.
A remote user can obtain potentially sensitive information on the target system.

解决方案

The vendor has issued a fix (10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan).
The update can be downloaded and installed via Apple Downloads.

For more information regarding the update can be found at HT208221.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

HT208221

Leave a Reply