Apple Watch Series 2 (38mm) Firmware 3.1 Build 14S471
Dateityp: Firmware.
Betriebssystem: AnyOS.
Dateiname: fd5f6b502fc1a5d0e996df94dcc2294ad10a21a7.zip.
Bit: 32/64 Bit.
Lizenz: Kostenlos.
Beschreibung
This update includes improvements and bug fixes.
– New option to replay bubble and full screen effects in Messages
– Messages effects can play with Reduce Motion enabled
– Fixes an issue that could cause the notification for Timer complete to be delivered twice
– Resolves an issue that could prevent Apple Watch Series 2 from fully charging
– Resolves an issue where Activity rings may disappear from the watch face
– Fixes an issue that prevented Force Touch options from appearing in some third-party apps
CoreGraphics
Available for: All Apple Watch models
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent
FontParser
Available for: All Apple Watch models
Impact: Parsing a maliciously crafted font may disclose sensitive user information
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2016-4660: Ke Liu of Tencent’s Xuanwu Lab
Kernel
Available for: All Apple Watch models
Impact: An application may be able to disclose kernel memory
Description: A validation issue was addressed through improved input sanitization.
CVE-2016-4680: Max Bazaliy of Lookout and in7egral
libarchive
Available for: All Apple Watch models
Impact: A malicious archive may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for symlinks. This issue was addressed through improved path sanitization.
CVE-2016-4679: Omer Medan of enSilo Ltd
libxpc
Available for: All Apple Watch models
Impact: An application may be able to execute arbitrary code with root privileges
Description: A logic issue was addressed through additional restrictions.
CVE-2016-4675: Ian Beer of Google Project Zero
Sandbox Profiles
Available for: All Apple Watch models
Impact: An application may be able to retrieve metadata of photo directories
Description: An access issue was addressed through additional sandbox restrictions on third party applications.
CVE-2016-4664: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)
Sandbox Profiles
Available for: All Apple Watch models
Impact: An application may be able to retrieve metadata of audio recording directories
Description: An access issue was addressed through additional sandbox restrictions on third party applications.
CVE-2016-4665: Razvan Deaconescu, Mihai Chiroiu (University POLITEHNICA of Bucharest); Luke Deshotels, William Enck (North Carolina State University); Lucas Vincenzo Davi, Ahmad-Reza Sadeghi (TU Darmstadt)
System Boot
Available for: All Apple Watch models
Impact: A local user may be able to cause an unexpected system termination or arbitrary code execution in the kernel
Description: Multiple input validation issues existed in MIG generated code. These issues were addressed through improved validation.
CVE-2016-4669: Ian Beer of Google Project Zero
Download