Alongside a slew of other releases today, Apple has also quietly released a supplemental update to macOS Catalina 10.15.7. Apple says the update includes important security fixes.
Apple says the supplemental update to macOS Catalina 10.15.7 includes the following fixes:
FontParser
- Available for: macOS Catalina 10.15.7
- Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A memory corruption issue was addressed with improved input validation.
- CVE-2020-27930: Google Project Zero
Kernel
- Available for: macOS Catalina 10.15.7
- Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A type confusion issue was addressed with improved state handling.
- CVE-2020-27932: Google Project Zero
Kernel
- Available for: macOS Catalina 10.15.7
- Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild.
- Description: A memory initialization issue was addressed.
- CVE-2020-27950: Google Project Zero
If you’re running macOS Catalina 10.15.7, you can find today’s supplemental update in the System Preferences app on your Mac.
FTC: We use income earning auto affiliate links. More.
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel
Comments