-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-05-5 watchOS 5.3.9
watchOS 5.3.9 is now available and address the following issues. Information about the security content is also available at https://support.apple.com/HT211945. FontParser Available for: Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero Kernel Available for: Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero Kernel Available for: Apple Watch Series 1, Apple Watch Series 2, Apple Watch Series 3, and Apple Watch Series 4 when paired to an iPhone with iOS 12 installed Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl+kfXcACgkQZcsbuWJ6 jjD/gA//W+VZjhWdMTw/A7LYWyB3SIXul0iMBgLCcuMYXswI+SpDq25EPIXA+KpX PU3/mpnEu0uyNDkEQI/RW0FIzcvdLpKdJGBot0Fw0O2/NjslVtF5j3AuwCZgL7jP iON3SkRX5rM/LcGG2fzC4gLRlxnhfJl6qhlfPOlAhgvlFPjiv8XSj22kxzQFs9mP EpKb/w4R0QCdSeBSQi1CCap9YLIi6w52TGHp3IzgfKMEjOqmBKISFVnTbFFYBqNG z7xdquJLAw9y4WSDQk8q/uYc1lazd3QMn6ym+4K7HxQgVgrgt2QGUz5S9pDS3xVp zgNVf3VaonsYQZuw8LPhtp2hjQEjjIPhwiMm0UrLmijNbQrtDG4qwAR71oGDHmNk GuIiSvDDNiywvQ8pt8BvawUPm7lVwpcKLHtMBVEcmkGHV6PB5LS6NVYYjCcYP/vb zImPQO65+zYHAYvBc3Obth6M7FQIfHoZ2KHxMuufBgxfj2zywZsbKq3qEdv9Ynnr mgLhqpwMZ7aHrlaYG73DuLG3L19cUNNkzkdw+0gvIurAgeVJfTHKcObKi61w+rhx 0dA+xsz2Lwll8y//l5vl0kGWgV1kaonOdlTyZYnu/4ZsIxiZGnppQTyYig0Asvs0 9jP69mVPcbBDgycuJU4ylbz2llO9WxQ1FDD7sN47JXzFMn4gBPo= =zru3 -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/security-announce/archive%40mail-archive.com This email sent to [email protected]
