Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内,并且不需要特定的开头。首先,我得仔细阅读用户提供的文章内容。 文章主要讲的是Apple发布了新的操作系统版本,修复了85个漏洞。这些漏洞影响了多个操作系统,包括macOS、iOS/iPadOS、tvOS、watchOS和visionOS。值得注意的是,虽然修复了这么多漏洞,但目前还没有这些漏洞被利用的报告。 接下来,我需要提取关键信息:Apple发布新系统版本,修复85个漏洞,涵盖多个平台,没有被利用的情况。然后,我要把这些信息浓缩成100字以内的中文总结。 可能的结构是先说明发布新版本,然后提到修复了多少漏洞,覆盖哪些系统,最后指出这些漏洞尚未被利用。这样既全面又简洁。 现在组织语言:Apple发布了新的操作系统版本,修复了85个漏洞。这些漏洞影响了macOS、iOS/iPadOS、tvOS、watchOS和visionOS等多个平台。目前尚未有这些漏洞被利用的报告。 检查字数是否在限制内,并确保没有使用任何特定的开头词。这样应该符合用户的要求。 </think> Apple发布了新的操作系统版本,修复了85个安全漏洞,覆盖macOS、iOS/iPadOS、tvOS、watchOS和visionOS等平台。目前这些漏洞尚未被利用。 2026-3-25 21:29:57 Author: isc.sans.edu(查看原文) 阅读量:2 收藏
好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内,并且不需要特定的开头。首先,我得仔细阅读用户提供的文章内容。 文章主要讲的是Apple发布了新的操作系统版本,修复了85个漏洞。这些漏洞影响了多个操作系统,包括macOS、iOS/iPadOS、tvOS、watchOS和visionOS。值得注意的是,虽然修复了这么多漏洞,但目前还没有这些漏洞被利用的报告。 接下来,我需要提取关键信息:Apple发布新系统版本,修复85个漏洞,涵盖多个平台,没有被利用的情况。然后,我要把这些信息浓缩成100字以内的中文总结。 可能的结构是先说明发布新版本,然后提到修复了多少漏洞,覆盖哪些系统,最后指出这些漏洞尚未被利用。这样既全面又简洁。 现在组织语言:Apple发布了新的操作系统版本,修复了85个漏洞。这些漏洞影响了macOS、iOS/iPadOS、tvOS、watchOS和visionOS等多个平台。目前尚未有这些漏洞被利用的报告。 检查字数是否在限制内,并确保没有使用任何特定的开头词。这样应该符合用户的要求。 </think> Apple发布了新的操作系统版本,修复了85个安全漏洞,覆盖macOS、iOS/iPadOS、tvOS、watchOS和visionOS等平台。目前这些漏洞尚未被利用。 2026-3-25 21:29:57 Author: isc.sans.edu(查看原文) 阅读量:2 收藏
Apple released the next version of its operating system, patching 85 different vulnerabilities across all of them. None of the vulnerabilities are currently being exploited. The last three macOS "generations" are covered, as are the last two versions of iOS/iPadOS. For tvOS, watchOS, and visionOS, only the current version received patches. This update also includes the recently released Background Security Improvements. Some older watchOS versions received updates, but these updates do not address any security issues.
| iOS 26.4 and iPadOS 26.4 | iOS 18.7.7 and iPadOS 18.7.7 | macOS Tahoe 26.4 | macOS Sequoia 15.7.5 | macOS Sonoma 14.8.5 | tvOS 26.4 | watchOS 26.4 | visionOS 26.4 | Safari 26.4 | Xcode 26.4 |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2025-43376: A remote attacker may be able to view leaked DNS queries with Private Relay turned on. Affects WebKit |
|||||||||
| x | |||||||||
| CVE-2025-43534: A user with physical access to an iOS device may be able to bypass Activation Lock. Affects iTunes Store |
|||||||||
| x | |||||||||
| CVE-2026-20607: An app may be able to access protected user data. Affects libxpc |
|||||||||
| x | x | x | |||||||
| CVE-2026-20631: A user may be able to elevate privileges. Affects PackageKit |
|||||||||
| x | |||||||||
| CVE-2026-20632: An app may be able to access sensitive user data. Affects Music |
|||||||||
| x | |||||||||
| CVE-2026-20633: An app may be able to access user-sensitive data. Affects Archive Utility |
|||||||||
| x | x | x | |||||||
| CVE-2026-20637: An app may be able to cause unexpected system termination. Affects AppleKeyStore |
|||||||||
| x | x | x | |||||||
| CVE-2026-20639: Processing a maliciously crafted string may lead to heap corruption. Affects configd |
|||||||||
| x | x | ||||||||
| CVE-2026-20643: Processing maliciously crafted web content may bypass Same Origin Policy. Affects WebKit |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-20651: An app may be able to access sensitive user data. Affects Messages |
|||||||||
| x | |||||||||
| CVE-2026-20657: Parsing a maliciously crafted file may lead to an unexpected app termination. Affects Vision |
|||||||||
| x | x | x | |||||||
| CVE-2026-20660: A remote user may be able to write arbitrary files. Affects CFNetwork |
|||||||||
| x | |||||||||
| CVE-2026-20665: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Affects WebKit |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-20668: An app may be able to access sensitive user data. Affects Focus |
|||||||||
| x | x | x | |||||||
| CVE-2026-20684: An app may bypass Gatekeeper checks. Affects AppleScript |
|||||||||
| x | |||||||||
| CVE-2026-20687: An app may be able to cause unexpected system termination or write kernel memory. Affects Kernel |
|||||||||
| x | x | x | x | x | x | ||||
| CVE-2026-20688: An app may be able to break out of its sandbox. Affects Printing |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-20690: Processing an audio stream in a maliciously crafted media file may terminate the process. Affects CoreMedia |
|||||||||
| x | x | x | x | x | x | x | x | ||
| CVE-2026-20691: A maliciously crafted webpage may be able to fingerprint the user. Affects WebKit Sandboxing |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-20692: "Hide IP Address" and "Block All Remote Content" may not apply to all mail content. Affects Mail |
|||||||||
| x | x | x | x | ||||||
| CVE-2026-20693: An attacker with root privileges may be able to delete protected system files. Affects PackageKit |
|||||||||
| x | x | x | |||||||
| CVE-2026-20694: An app may be able to access user-sensitive data. Affects MigrationKit |
|||||||||
| x | x | x | |||||||
| CVE-2026-20695: An app may be able to determine kernel memory layout. Affects Kernel |
|||||||||
| x | x | x | |||||||
| CVE-2026-20697: An app may be able to access sensitive user data. Affects Spotlight |
|||||||||
| x | x | x | |||||||
| CVE-2026-20698: An app may be able to cause unexpected system termination or corrupt kernel memory. Affects Kernel |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-20699: An app may be able to access user-sensitive data. Affects AppleMobileFileIntegrity |
|||||||||
| x | x | x | |||||||
| CVE-2026-20701: An app may be able to connect to a network share without user consent. Affects NetAuth |
|||||||||
| x | x | x | |||||||
| CVE-2026-28816: An app may be able to delete files for which it does not have permission. Affects Notes |
|||||||||
| x | x | x | |||||||
| CVE-2026-28817: A sandboxed process may be able to circumvent sandbox restrictions. Affects Printing |
|||||||||
| x | x | x | |||||||
| CVE-2026-28818: An app may be able to access sensitive user data. Affects Spotlight |
|||||||||
| x | x | x | |||||||
| CVE-2026-28820: An app may be able to access sensitive user data. Affects StorageKit |
|||||||||
| x | |||||||||
| CVE-2026-28821: An app may be able to gain elevated privileges. Affects CoreServices |
|||||||||
| x | x | x | |||||||
| CVE-2026-28822: An attacker may be able to cause unexpected app termination. Affects Audio |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28823: An app with root privileges may be able to delete protected system files. Affects Admin Framework |
|||||||||
| x | |||||||||
| CVE-2026-28824: An app may be able to access sensitive user data. Affects AppleMobileFileIntegrity |
|||||||||
| x | x | x | |||||||
| CVE-2026-28825: An app may be able to modify protected parts of the file system. Affects SMB |
|||||||||
| x | x | x | |||||||
| CVE-2026-28826: A malicious app may be able to break out of its sandbox. Affects NSColorPanel |
|||||||||
| x | |||||||||
| CVE-2026-28827: An app may be able to break out of its sandbox. Affects NetFSFramework |
|||||||||
| x | x | x | |||||||
| CVE-2026-28828: An app may be able to access sensitive user data. Affects TCC |
|||||||||
| x | x | x | |||||||
| CVE-2026-28829: An app may be able to modify protected parts of the file system. Affects WebDAV |
|||||||||
| x | x | x | |||||||
| CVE-2026-28831: An app may be able to access sensitive user data. Affects Printing |
|||||||||
| x | x | x | |||||||
| CVE-2026-28832: An app may be able to disclose kernel memory. Affects File System |
|||||||||
| x | x | x | |||||||
| CVE-2026-28833: An app may be able to enumerate a user's installed apps. Affects iCloud |
|||||||||
| x | x | x | |||||||
| CVE-2026-28834: An app may be able to cause unexpected system termination. Affects GPU Drivers |
|||||||||
| x | x | x | |||||||
| CVE-2026-28835: Mounting a maliciously crafted SMB network share may lead to system termination. Affects SMB |
|||||||||
| x | x | x | |||||||
| CVE-2026-28837: An app may be able to access sensitive user data. Affects System Settings |
|||||||||
| x | |||||||||
| CVE-2026-28838: An app may be able to break out of its sandbox. Affects CoreServices |
|||||||||
| x | x | x | |||||||
| CVE-2026-28839: An app may be able to access sensitive user data. Affects NetAuth |
|||||||||
| x | x | x | |||||||
| CVE-2026-28841: A buffer overflow may result in memory corruption and unexpected app termination. Affects IOGraphics |
|||||||||
| x | |||||||||
| CVE-2026-28842: A buffer overflow may result in memory corruption and unexpected app termination. Affects IOGraphics |
|||||||||
| x | |||||||||
| CVE-2026-28844: An attacker may gain access to protected parts of the file system. Affects SystemMigration |
|||||||||
| x | |||||||||
| CVE-2026-28845: An app may be able to access protected user data. Affects LaunchServices |
|||||||||
| x | |||||||||
| CVE-2026-28852: An app may be able to cause a denial-of-service. Affects UIFoundation |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28856: An attacker with physical access to a locked device may be able to view sensitive user information. Affects Siri |
|||||||||
| x | x | x | |||||||
| CVE-2026-28857: Processing maliciously crafted web content may lead to an unexpected process crash. Affects WebKit |
|||||||||
| x | x | x | x | ||||||
| CVE-2026-28858: A remote user may be able to cause unexpected system termination or corrupt kernel memory. Affects Telephony |
|||||||||
| x | |||||||||
| CVE-2026-28859: A malicious website may be able to process restricted web content outside the sandbox. Affects WebKit |
|||||||||
| x | x | x | x | x | x | ||||
| CVE-2026-28861: A malicious website may be able to access script message handlers intended for other origins. Affects WebKit |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-28862: An app may be able to access user-sensitive data. Affects Phone |
|||||||||
| x | x | x | |||||||
| CVE-2026-28863: An app may be able to fingerprint the user. Affects Sandbox Profiles |
|||||||||
| x | x | x | x | ||||||
| CVE-2026-28864: A local attacker may gain access to user's Keychain items. Affects Security |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28865: An attacker in a privileged network position may be able to intercept network traffic. Affects 802.1X |
|||||||||
| x | x | x | x | x | x | x | x | ||
| CVE-2026-28866: An app may be able to access sensitive user data. Affects Clipboard |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-28867: An app may be able to leak sensitive kernel state. Affects Kernel |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28868: An app may be able to disclose kernel memory. Affects Kernel |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28870: An app may be able to access sensitive user data. Affects GeoServices |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-28871: Visiting a maliciously crafted website may lead to a cross-site scripting attack. Affects WebKit |
|||||||||
| x | x | x | x | ||||||
| CVE-2026-28874: A remote attacker may cause an unexpected app termination. Affects Baseband |
|||||||||
| x | |||||||||
| CVE-2026-28875: A remote attacker may be able to cause a denial-of-service. Affects Baseband |
|||||||||
| x | |||||||||
| CVE-2026-28876: An app may be able to access sensitive user data. Affects DeviceLink |
|||||||||
| x | x | x | x | x | x | ||||
| CVE-2026-28877: An app may be able to access sensitive user data. Affects Accounts |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-28878: An app may be able to enumerate a user's installed apps. Affects Crash Reporter |
|||||||||
| x | x | x | x | x | x | x | |||
| CVE-2026-28879: Processing maliciously crafted web content may lead to an unexpected process crash. Affects Audio |
|||||||||
| x | x | x | x | x | x | x | x | ||
| CVE-2026-28880: An app may be able to enumerate a user's installed apps. Affects iCloud |
|||||||||
| x | x | x | |||||||
| CVE-2026-28881: An app may be able to access sensitive user data. Affects iCloud |
|||||||||
| x | |||||||||
| CVE-2026-28882: An app may be able to enumerate a user's installed apps. Affects libxpc |
|||||||||
| x | x | x | x | x | |||||
| CVE-2026-28886: A user in a privileged network position may be able to cause a denial-of-service. Affects CoreUtils |
|||||||||
| x | x | x | x | x | x | x | x | ||
| CVE-2026-28888: An app may be able to gain root privileges. Affects CUPS |
|||||||||
| x | x | x | |||||||
| CVE-2026-28889: An app may be able to read arbitrary files as root. Affects Simulator |
|||||||||
| x | |||||||||
| CVE-2026-28890: An app may be able to cause unexpected system termination. Affects otool |
|||||||||
| x | |||||||||
| CVE-2026-28891: An app may be able to break out of its sandbox. Affects NetAuth |
|||||||||
| x | x | x | |||||||
| CVE-2026-28892: An app may be able to modify protected parts of the file system. Affects Diagnostics |
|||||||||
| x | x | x | |||||||
| CVE-2026-28893: A document may be written to a temporary file when using print preview. Affects CUPS |
|||||||||
| x | |||||||||
| CVE-2026-28894: A remote attacker may be able to cause a denial-of-service. Affects Calling Framework |
|||||||||
| x | x | x | x | ||||||
| CVE-2026-28895: An attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps with the passcode. Affects App Protection |
|||||||||
| x | |||||||||
--
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
文章来源: https://isc.sans.edu/diary/rss/32830
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh