—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2016-10-24-2 macOS Sierra 10.12.1

macOS Sierra 10.12.1 is now available and addresses the following:

AppleGraphicsControl
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
lock state checking.
CVE-2016-4662: Apple

AppleSMC
Available for: macOS Sierra 10.12
Impact: A local user may be able to elevate privileges
Description: A null pointer dereference was addressed through
improved locking.
CVE-2016-4678: daybreaker@Minionz working with Trend Micro’s Zero Day
Initiative

ATS
Available for: macOS Sierra 10.12
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-4667: Simmon Huang of alipay,
Thelongestusernameofall@gmail.com Moony Li of Trend Micro, @Flyic

ATS
Available for: macOS Sierra 10.12
Impact: A local user may be able to execute arbitrary code with
additional privileges
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-4674: Shrek_wzw of Qihoo 360 Nirvan Team

CFNetwork Proxies
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: A phishing issue existed in the handling of proxy
credentials. This issue was addressed by removing unsolicited proxy
password authentication prompts.
CVE-2016-7579: Jerry Decime

CoreGraphics
Available for: macOS Sierra 10.12
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2016-4673: Marco Grassi (@marcograss) of KeenLab (@keen_lab),
Tencent

FaceTime
Available for: macOS Sierra 10.12
Impact: An attacker in a privileged network position may be able to
cause a relayed call to continue transmitting audio while appearing
as if the call terminated
Description: User interface inconsistencies existed in the handling
of relayed calls. These issues were addressed through improved
FaceTime display logic.
CVE-2016-4635: Martin Vigo (@martin_vigo) of salesforce.com

FontParser
Available for: macOS Sierra 10.12
Impact: Parsing a maliciously crafted font may disclose sensitive
user information
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2016-4660: Ke Liu of Tencent’s Xuanwu Lab

ImageIO
Available for: OS X El Capitan v10.11.6
Impact: Parsing a maliciously crafted PDF may lead to arbitrary code
execution
Description: An out-of-bounds write was addressed through improved
bounds checking.
CVE-2016-4671: Ke Liu of Tencent’s Xuanwu Lab, Juwei Lin
(@fuzzerDOTcn)

ImageIO
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: Processing a maliciously crafted image may result in the
disclosure of process memory
Description: An out-of-bounds read issue existed in the SGI image
parsing. This issue was addressed through improved bounds checking.
CVE-2016-4682: Ke Liu of Tencent’s Xuanwu Lab

libarchive
Available for: macOS Sierra 10.12
Impact: A malicious archive may be able to overwrite arbitrary files
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed through improved path
sanitization.
CVE-2016-4679: Omer Medan of enSilo Ltd

libxpc
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6,
and macOS Sierra 10.12
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A logic issue was addressed through additional
restrictions.
CVE-2016-4675: Ian Beer of Google Project Zero

ntfs
Available for: macOS Sierra 10.12
Impact: An application may be able to cause a denial of service
Description: An issue existed in the parsing of disk images. This
issue was addressed through improved validation.
CVE-2016-4661: Recurity Labs on behalf of BSI (German Federal Office
for Information Security)

NVIDIA Graphics Drivers
Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6
Impact: An application may be able to cause a denial of service
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2016-4663: Apple

System Boot
Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.6,
and macOS Sierra 10.12
Impact: A local user may be able to cause an unexpected system
termination or arbitrary code execution in the kernel
Description: Multiple input validation issues existed in MIG
generated code. These issues were addressed through improved
validation.
CVE-2016-4669: Ian Beer of Google Project Zero

macOS Sierra 10.12.1 may be obtained
from the Mac App Store or Apple’s Software Downloads web site:
https://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org

iQIcBAEBCgAGBQJYDlRWAAoJEIOj74w0bLRGFnYP/iy1NY+HgMgJd4OeOakX4sGP
8utQ55plu7WdQ3imNdcP1NYm+tuqFLxSDm7qJMA4zsAakxdUAGWEWYjRmJ9IxTep
Gil1qjXZHksX/7lF+VzoMcsAC4CE0yFnaFAw0gHdhQFZyzYryPVsryue56WX5DAD
4/MJUK85U1P2YRDkMW8Mt4TrOW0kgpohpZIFsWKmBocZ4Q/GLybQLzip7mv9w4/K
k8L+m9oHUr+Bh7Et+OoM+4oTBC2pIwdb9U5edTHqIMpXp15jScTXbQ/pz+ngjZ6E
wUDa8hZC30m6SWSJtFUMZ5+6Gedcafcn/kegRPeFwitQ13EnLOVeGekp25ROsnF1
NwXiDDYuUxTg8ecW6YJm1OktO035nUg3Rjnonx3km2FNDiFgakK78p622B/eJwOA
WbD6ahu8qAFTf14pCe7WJVvQz4vnjwiwTQxOTxVgiLfAdFHNm9IpxazwEeW8sN+G
cjvoi5VTWL8FiHfUITnJrzeclitgke67vhOs6Ju5+nYiKrUf74NoNnFBPMjD4Qa1
GfvjZ2LWUVBLBahWUl2Nhlr4EWECqF3AEZhBRmcvcHnspcN3f9BBD/kktvpqTAV9
J5TqpiRr2qhrQEV8WLt/GvZSf7hjnSMPUZS4pi27ZKSugkTQsHJs4eWE6awQUgrV
E0naX6k6U0S+vJiI0JU7
=eHH+
—–END PGP SIGNATURE—–

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)