Apple macOS Mojave 10.14 Security Updates

 

Apple has released macOS Mojave 10.14, the 2018 edition of macOS. This update contains many security updates, which are introduced below.

 

The updates below are for these specific Mac models:

  • MacBook (Early 2015 and later)
  • MacBook Air (Mid 2012 and later)
  • MacBook Pro (Mid 2012 and later)
  • Mac mini (Late 2012 and later)
  • iMac (Late 2012 and later)
  • iMac Pro (all models)
  • Mac Pro (Late 2013, Mid 2010, and Mid 2012 models with recommended Metal-capable graphics processor, including MSI Gaming Radeon RX 560 and Sapphire Radeon PULSE RX 580)

 

App Store

A malicious application may be able to determine the Apple ID of the owner of the computer.
  • A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls
  • CVE-2018-4324

 

Application Firewall

A sandboxed process may be able to circumvent sandbox restrictions.
  • A configuration issue was addressed with additional restrictions
  • CVE-2018-4353

 

Auto Unlock

A malicious application may be able to access local users AppleIDs.
  • A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement
  • CVE-2018-4321

 

Crash Reporter

An application may be able to read restricted memory.
  • A validation issue was addressed with improved input sanitization
  • CVE-2018-4333

 

Kernel

An application may be able to execute arbitrary code with kernel privileges.
  • A memory corruption issue was addressed with improved memory handling
  • CVE-2018-4336 and CVE-2018-4344

 

Security

An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm.
  • This issue was addressed by removing RC4
  • CVE-2016-1777

 

Bluetooth

The following update on Bluetooth is available for these devices:

  • iMac (21.5-inch, Late 2012)
  • iMac (27-inch, Late 2012)
  • iMac (21.5-inch, Late 2013)
  • iMac (21.5-inch, Mid 2014)
  • iMac (Retina 5K, 27-inch, Late 2014)
  • iMac (21.5-inch, Late 2015)
  • Mac mini (Mid 2011)
  • Mac mini Server (Mid 2011)
  • Mac mini (Late 2012)
  • Mac mini Server (Late 2012)
  • Mac mini (Late 2014)
  • Mac Pro (Late 2013)
  • MacBook Air (11-inch, Mid 2011)
  • MacBook Air (13-inch, Mid 2011)
  • MacBook Air (11-inch, Mid 2012)
  • MacBook Air (13-inch, Mid 2012)
  • MacBook Air (11-inch, Mid 2013)
  • MacBook Air (13-inch, Mid 2013)
  • MacBook Air (11-inch, Early 2015)
  • MacBook Air (13-inch, Early 2015)
  • MacBook Pro (13-inch, Mid 2012)
  • MacBook Pro (15-inch, Mid 2012)
  • MacBook Pro (Retina, 13-inch, Early 2013)
  • MacBook Pro (Retina, 15-inch, Early 2013)
  • MacBook Pro (Retina, 13-inch, Late 2013)
  • MacBook Pro (Retina, 15-inch, Late 2013)

 

An attacker in a privileged network position may be able to intercept Bluetooth traffic.
  • An input validation issue existed in Bluetooth. This issue was addressed with improved input validation
  • CVE-2018-5383

 

 

If you found this post helpful, share it to your friends!

About the author

PC Rookies is a one-man-project to offer basic information about computers. The writer is studying computer sciences and a computer hobbyist.

Leave A Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.