Ergänzungsupdate für macOS Catalina 10.15.7 ist da
Und wird wie immer allen Nutzern von 10.15.7 empfohlen. Es schließt Sicherheitslücken und sollte deshalb tatsächlich installiert werden. Auf meinem Macbook Pro umfasst das Update 1,2 Gigabyte.
Das Changelog im Detail:
- FontParser
- Available for: macOS Catalina 10.15.7
- Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A memory corruption issue was addressed with improved input validation.
- CVE-2020-27930: Google Project Zero
- Kernel
- Available for: macOS Catalina 10.15.7
- Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A type confusion issue was addressed with improved state handling.
- CVE-2020-27932: Google Project Zero
- Kernel
- Available for: macOS Catalina 10.15.7
- Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A memory initialization issue was addressed.
- CVE-2020-27950: Google Project Zero