作者簡介
macOS Ventura 13.6 版本安全性更新
Apple 於2023年9月22日推出 macOS Ventura 13.6 最新版本更新,此版本更新沒有新增加功能,根據 Apple 官方的說明主要為安全性更新,主要修正兩個安全性問題,建議所有使用者進行更新。
更新版本:macOS Ventura 13.6
Apple 對於 macOS Ventura 13.6 更新說明
此版本更新沒有新增加功能,主要為安全性更新修正,修正了核心(Kernel)本地攻擊者可能能夠提升其權限,安全(Security)惡意 app 可能能夠繞過簽章驗證。此次更新主要修正個兩個安全性問題,建議所有使用者進行更新。
以下是 Apple 對於此版本更新說明:
Kernel
Available for: macOS Ventura
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
Security
Available for: macOS Ventura
Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group
macOS 更新方法
macOS 更新方法請參考下面「macOS Ventura」與「macOS Ventura 之前的版本」兩篇文章:
- macOS Ventura :macOS Ventura 更新 macOS 方法教學
- macOS Ventura 之前的版本:macOS 更新方法教學
相關文章
