Apple Releases Updates for iOS, WatchOS, OS X, Safari and iTunes.
Last Updated: 2015-10-21 19:42:06 UTC
by Johannes Ullrich (Version: 1)
Apple published one of it's usual updates for "everything". Below I took a shot at a quick summary. You can find details here https://support.apple.com/kb/HT201222
49 Vulnerabilities fixed. A number of these affect WebKit and are exploitable via Safari. The update also addresses numerous issues in the FontParser.
14 Vulnerabilities fixed. CVE-2015-5916 looks like a repeat of what was fixed in WatchOS 2: ApplePay may allow malicious terminals to retrieve a partial transaction history.
9 Vulnerabilities in WebKit fixed (pretty much the same vulnerabilities fixed in iOS 9.0.1)
12 Vulnerabilities fixed, 9 of which affect WebKit which is included in iTunes.
EFI contained unused functions that could be abused. This update removes these unused functions.
Apple OS X 10.11.1
41 Vulnerabilities fixed. Again WebKit and some Fontparser vulnerabilities. This update also addresses issues with open source software included in OS X like php. The Safari 9.0.1 update is included in this update.
I didn't see an update for AppleTV yet, but wouldn't be surprised if it will be released as well. At least the WebKit issues will also affect AppleTV.