Security Market Segment LS
Thursday, 16 July 2020 13:17

Apple updates deliver fixes and features


Another round of updates from Apple delivers some new features and plugs a range of security vulnerabilities in the company's operating systems and Safari web browser.

macOS Catalina 10.15.6 and the corresponding security updates for Mojave and High Sierra patch a variety of flaws, several of which could allow arbitrary code execution (bad) or arbitrary code execution with kernel privileges (really bad).

Most of the fixes are specific to Catalina. One is just for High Sierra (fixing a CoreAudio issue that allowed a buffer overflow), and one is for High Sierra and Mojave (a new version of Vim to prevent arbitrary code execution).

Catalina 10.15.6 includes improvements to Apple News (including more extensive local coverage for a handful of US cities, additional sources for Apple News+, and personalisation of the daily newsletter), a new option to optimise video streaming on HDR-compatible Mac notebooks for improved battery life, improvements to USB mouse and trackpad handling, and a fix for an issue that could cause the software update process to change the computer's name.

Changes aimed at enterprise customers include fixing an issue that could cause passwords containing certain characters to be rejected at the login window when using a non-US keyboard layout, extended support (in certain contexts) for certificates issued by the recently expired AddTrust External CA Root, and the ability to hide major new releases of macOS from managed Macs.

Safari 13.1.2 is part of Catalina 10.15.6 and also available for Mojave and High Sierra.

It addresses 11 issues, some of which can be remotely exploited to execute arbitrary code.

As usual, there is a degree of overlap between the fixes for macOS and those for iOS and iPadOS.

iOS 13.6 and iPadOS 13.6 address a total of 29 issues that could be variously exploited to execute arbitrary code, view sensitive information, and allow cross-site scripting, among others.

Changes include the much-heralded arrival of digital car keys (initially for very recently made BMWs, and including key sharing via Messages and a 'power reserve' allowing keys to be used up to five hours after the phone's battery runs out), the same Apple News improvements as in Catalina 10.16.6 (plus audio news), a 'symptoms' category in the Health app, and various changes and fixes relating to software updates, iCloud Drive, Wi-Fi calling, and other features.

watchOS 6.2.8's and tvOS 13.4.8's lists of fixes are shorter, but have a lot of commonality with those for the other operating systems.

watchOS 6.2.8 supports the digital car key feature on Apple Watch Series 5 or newer.

There is no indication at this stage that tvOS 13.4.8 delivers anything other than patches for security and other bugs.

The macOS updates are available via System Preferences, the iOS/iPadOS and tvOS updates via Settings, and the watchOS update via the Apple Watch app on iPhone.

Subscribe to Newsletter here


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.



It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.





Guest Opinion

Guest Interviews

Guest Reviews

Guest Research & Case Studies

Channel News