Hello Community!

Yesterday Apple released a security update for a wide variety of products including iCloud for Windows 7.11, iTunes 12.9.4 for Windows, Safari 12.1, macOS (macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra), tvOS 12.2, Xcode 10.2 and iOS 12.2.

Of special note, the release for iOS fixed a whopping 51 vulnerabilities in a wide variety of components. This update was available for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.

This release includes numerous critical fixes to iOS vulnerabilities, including ones in WebKit that permit websites unauthorized audio recording (CVE-2019-6222). Others in Webkit could be exploited to allow arbitrary code execution via processing maliciously crafted web content(CVE-2019-8535, CVE-2019-6201, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8536, CVE-2019-8544, CVE-2019-7285, CVE-2019-8556, CVE-2019-8506).

A full list of these iOS security updates is available at https://support.apple.com/en-us/HT209601.

Please note: Twitter users (and the author of this post) have noticed and reported bugs with the 12.2 release that have caused Apple News to stop working post-update. User beware!

A list of Nessus plugins for this release can be found here as they are released today (3/26).