Appleが現地時間2月7日、重要なセキュリティアップデートが含まれるiOS 12.1.4をリリースしている。
このアップデートは、iPhone 5s以降, iPad Air以降、iPod touch(第6世代)に適用される。
主な改善点
- 「FaceTime」アプリのグループ通話機能のセキュリティ問題を修正
- 「Live Photos」関連の不具合を修正
リリースノート(日本語版)
iOS 12.1.4には重要なセキュリティアップデートが含まれ、すべてのユーザに推奨されます。
このAppleソフトウェア・アップデートのセキュリティコンテンツについては、次のWebサイトをご覧ください: https://support.apple.com/ja-jp/HT201222
Apple セキュリティアップデート
リリースノート(英語版)
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: The initiator of a Group FaceTime call may be able to cause the recipient to answer
Description: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.
CVE-2019-6223: Grant Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX
Foundation
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to gain elevated privilegesDescription: A memory corruption issue was addressed with improved input validation.
CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero
IOKit
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved input validation.
CVE-2019-7287: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero
Live Photos in FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: A thorough security audit of the FaceTime service uncovered an issue with Live Photos
Description: The issue was addressed with improved validation on the FaceTime server.
CVE-2019-7288: Apple
About the security content of iOS 12.1.4
