===================================================================                               CERT-Renater

                     Note d'Information No. 2023/VULN313

_____________________________________________________________________

DATE                : 12/09/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): macOS versions prior to Big Sur 11.7.10,
                                  Monterey 12.6.9.

====================================================================https://lists.apple.com/archives/security-announce/2023/Sep/msg00005.html
https://lists.apple.com/archives/security-announce/2023/Sep/msg00004.html
_____________________________________________________________________


APPLE-SA-2023-09-11-3 macOS Big Sur 11.7.10

macOS Big Sur 11.7.10 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213915.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Big Sur
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited.

Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk
School

macOS Big Sur 11.7.10 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

_____________________________________________________________________

APPLE-SA-2023-09-11-2 macOS Monterey 12.6.9

macOS Monterey 12.6.9 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213914.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Monterey
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution. Apple is aware of a report that this issue may have
been actively exploited.
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk
School

macOS Monterey 12.6.9 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/


========================================================+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=======================================================