Apple Covers All the Bases with Over 100 Security Updates in May
In mid-May, while the world was waking up to deal with the chaos caused by the WannaCry ransomware spreading over the web, Apple was making its users safer again. Released on May 15th, a new set of patches dropped for iOS, macOS Sierra, and both the El Capitan and Yosemite version of OS X. So many different fixes were implemented that it would be difficult to cover exactly what each of them accomplishes. However, of particular note in this update is the fact that ethical hackers previously identified more than a third of the flaws which were patched.
Pwn2Own is an annual hacking competition held with the goal of identifying critical vulnerabilities in popular systems and devices. The most common aim is to achieve remote code execution or extraction of sensitive data. In fact, we reported on a vulnerability discovered during this year’s Pwn2Own (back in March) in which the hackers could take control of the new MacBook’s Touch Bar. Though the security threat there was minor, it demonstrated the potential for a larger breach. In keeping with the spirit of the competition, companies like Apple always receive notification of any flaws uncovered during the contest. As a result, they patched the Touch Bar vulnerability and many others in the May 15 updates.
Apple Watch and Apple TV products received updates to harden them against potential vulnerabilities in the WebKit rendering engine. Stricter protections for the system kernel were also implemented across iOS and macOS, to prevent hackers from exploiting a flaw to enable reading data from protected memory. Complex flaws that may have given a hacker free reign to run their own code on macOS systems were also addressed. Needless to say, if you have yet to apply these crucial updates, we encourage you to do so now.
With the help of the security professionals like those who participate in Pwn2Own every year, we are all safer on our digital platforms. It’s important to remember that not every hacker is out to ruin computer systems and steal your data. There are many “white hat” ethical hackers out there working to improve the security of our platforms. With their help we can hope to stay one step ahead of the newest threats. Although this was not the largest single day of patches in recent Apple history, it signifies a notable and active effort to continue protecting users.
