[情報] IOS 10.2.1 更新內容

看板iOS作者kyle5241 (kyle)時間8年前 (2017/01/24 05:30)推噓55(78推 23噓 15→)

留言116則, 102人參與討論串1/1

https://support.apple.com/en-us/HT207482 This document describes the security content of iOS 10.2.1. iOS 10.2.1 Released January 23, 2017 Auto Unlock 自動解鎖問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：當Apple watch離開你的手時仍然會自動解鎖 Impact: Auto Unlock may unlock when Apple Watch is off the user's wrist Description: A logic issue was addressed through improved state management. CVE-2017-2352: Ashley Fernandez of raptAware Pty Ltd Contacts 聯絡人問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：惡意的聯絡人資料卡可能造成程式中止 Impact: Processing a maliciously crafted contact card may lead to unexpected application termination Description: An input validation issue existed in the parsing of contact cards. This issue was addressed through improved input validation. CVE-2017-2368: Vincent Desmurs (vincedes3) Kernel 內核 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：程式利用內核的特殊權限任意執行程式碼 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-2370: Ian Beer of Google Project Zero Kernel 內核 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：程式利用內核的特殊權限任意執行程式碼 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2360: Ian Beer of Google Project Zero libarchive 資料庫封存問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：打開惡意產生的封包可能導致程式碼任意執行 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2016-8687: Agostino Sarubbo of Gentoo WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致別的來源的資料流出 Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A prototype access issue was addressed through improved exception handling. CVE-2017-2350: Gareth Heyes of Portswigger Web Security WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致執行任何程式碼 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2354: Neymar of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative CVE-2017-2362: Ivan Fratric of Google Project Zero CVE-2017-2373: Ivan Fratric of Google Project Zero WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致執行任何程式碼 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-2355: Team Pangu and lokihardt at PwnFest 2016 WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致執行任何程式碼 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2356: Team Pangu and lokihardt at PwnFest 2016 CVE-2017-2369: Ivan Fratric of Google Project Zero CVE-2017-2366: Kai Kang of Tencent's Xuanwu Lab (tencent.com) WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致別的來源的資料流出 Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A validation issue existed in the handling of page loading. This issue was addressed through improved logic. CVE-2017-2363: lokihardt of Google Project Zero CVE-2017-2364: lokihardt of Google Project Zero WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：惡意網站可以打開彈出式視窗 Impact: A malicious website can open popups Description: An issue existed in the handling of blocking popups. This was addressed through improved input validation. CVE-2017-2371: lokihardt of Google Project Zero WebKit 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：處理惡意網站內容可能導致別的來源的資料流出 Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A validation issue existed in the handling of variable handling. This issue was addressed through improved validation. CVE-2017-2365: lokihardt of Google Project Zero WiFi 問題 Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later 影響：有啟動鎖定的裝置可以在操作下短暫的顯示首頁 Impact: An activation-locked device can be manipulated to briefly present the home screen Description: An issue existed with handling user input that caused a device to present the home screen even when activation locked. This was addressed through improved input validation. CVE-2017-2351: Sriram (@Sri_Hxor) of Primefort Pvt. Ltd., Hemanth Joseph -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 131.215.107.226 ※ 文章網址: https://www.ptt.cc/bbs/iPhone/M.1485207039.A.B60.html

→

jatj

01/24 06:22, , 1^F

01/24 06:22, 1^F

噓

othersHTC92

01/24 08:02, , 2^F

01/24 08:02, 2^F

噓

z8632100

01/24 08:25, , 3^F

01/24 08:25, 3^F

噓

rock1331

01/24 08:27, , 4^F

01/24 08:27, 4^F

噓

dannyace

01/24 08:27, , 5^F

01/24 08:27, 5^F

→

kyle5241

01/24 08:31, , 6^F

01/24 08:31, 6^F

※ 編輯: kyle5241 (206.117.40.12), 01/24/2017 08:32:25

噓

st8740212

01/24 08:34, , 7^F

01/24 08:34, 7^F

→

kyle5241

01/24 08:34, , 8^F

01/24 08:34, 8^F

噓

haleytll

01/24 08:41, , 9^F

01/24 08:41, 9^F

→

haleytll

01/24 08:41, , 10^F

01/24 08:41, 10^F

→

zonhan

01/24 08:47, , 11^F

01/24 08:47, 11^F

噓

celtics1997

01/24 08:50, , 12^F

01/24 08:50, 12^F

噓

oopsskimo

01/24 08:51, , 13^F

01/24 08:51, 13^F

→

kuso10582

01/24 08:52, , 14^F

01/24 08:52, 14^F

噓

abram

01/24 08:54, , 15^F

01/24 08:54, 15^F

噓

bbace

01/24 08:58, , 16^F

01/24 08:58, 16^F

推

macho1223

01/24 08:58, , 17^F

01/24 08:58, 17^F

噓

othersHTC92

01/24 08:59, , 18^F

01/24 08:59, 18^F

推

hhh1234321

01/24 09:00, , 19^F

01/24 09:00, 19^F

噓

bqmm

01/24 09:02, , 20^F

01/24 09:02, 20^F

→

horseorange

01/24 09:03, , 21^F

01/24 09:03, 21^F

噓

a258558

01/24 09:18, , 22^F

01/24 09:18, 22^F

推

pm2001

01/24 09:39, , 23^F

01/24 09:39, 23^F

噓

Grady1979

01/24 09:53, , 24^F

01/24 09:53, 24^F

→

ichen30259

01/24 09:56, , 25^F

01/24 09:56, 25^F

噓

HOME8869

01/24 09:57, , 26^F

01/24 09:57, 26^F

噓

kobe7610

01/24 09:58, , 27^F

01/24 09:58, 27^F

噓

s973311

01/24 10:20, , 28^F

01/24 10:20, 28^F

推

zx2998

01/24 10:29, , 29^F

01/24 10:29, 29^F

推

chrislt2322

01/24 10:37, , 30^F

01/24 10:37, 30^F

推

ImCPM

01/24 10:39, , 31^F

01/24 10:39, 31^F

噓

vector

01/24 10:47, , 32^F

01/24 10:47, 32^F

噓

yangchenyue

01/24 10:48, , 33^F

01/24 10:48, 33^F

噓

mango314

01/24 10:54, , 34^F

01/24 10:54, 34^F

推

Paulbio

01/24 10:59, , 35^F

01/24 10:59, 35^F

推

tomodachiwen

01/24 11:43, , 36^F

01/24 11:43, 36^F

噓

x850519

01/24 11:47, , 37^F

01/24 11:47, 37^F

推

frank0908

01/24 12:10, , 38^F

01/24 12:10, 38^F

還有 38 則推文

還有 1 段內文

推

tomodachiwen

01/24 21:06, , 77^F

01/24 21:06, 77^F

推

baibaizo

01/24 21:25, , 78^F

01/24 21:25, 78^F

推

crayon123

01/24 21:35, , 79^F

01/24 21:35, 79^F

推

jerry255701

01/24 21:42, , 80^F

01/24 21:42, 80^F

推

BlueIceBeer

01/24 21:47, , 81^F

01/24 21:47, 81^F

推

snowgod

01/24 22:19, , 82^F

01/24 22:19, 82^F

推

a87992772

01/24 22:22, , 83^F

01/24 22:22, 83^F

推

SimACC

01/24 22:55, , 84^F

01/24 22:55, 84^F

推

DarrenKuo

01/24 22:58, , 85^F

01/24 22:58, 85^F

推

alins1999

01/24 23:13, , 86^F

01/24 23:13, 86^F

推

kevinee

01/25 00:15, , 87^F

01/25 00:15, 87^F

推

Vek1112

01/25 02:19, , 88^F

01/25 02:19, 88^F

推

st880517

01/25 02:36, , 89^F

01/25 02:36, 89^F

推

bestneil

01/25 03:09, , 90^F

01/25 03:09, 90^F

推

ss15669659

01/25 03:32, , 91^F

01/25 03:32, 91^F

推

McDownlaw

01/25 03:48, , 92^F

01/25 03:48, 92^F

推

Rammus1111

01/25 04:31, , 93^F

01/25 04:31, 93^F

推

AirRider

01/25 05:25, , 94^F

01/25 05:25, 94^F

推

DKPCOFGS

01/25 08:16, , 95^F

01/25 08:16, 95^F

推

mars1396

01/25 08:35, , 96^F

01/25 08:35, 96^F

推

young199517

01/25 09:50, , 97^F

01/25 09:50, 97^F

推

baronmax

01/25 10:11, , 98^F

01/25 10:11, 98^F

推

CraziPhone

01/25 11:34, , 99^F

01/25 11:34, 99^F

推

mienchin

01/25 12:24, , 100^F

01/25 12:24, 100^F

推

kevin11tw

01/25 12:28, , 101^F

01/25 12:28, 101^F

推

clop

01/25 12:56, , 102^F

01/25 12:56, 102^F

推

cheche0512

01/25 12:59, , 103^F

01/25 12:59, 103^F

推

keeper036

01/25 13:55, , 104^F

01/25 13:55, 104^F

推

eric45670

01/25 14:43, , 105^F

01/25 14:43, 105^F

推

w5151381guy

01/25 15:39, , 106^F

01/25 15:39, 106^F

推

jimmythepeng

01/26 18:08, , 107^F

01/26 18:08, 107^F

推

kentplay

01/27 22:54, , 108^F

01/27 22:54, 108^F

推

XDDDD5566

01/28 03:29, , 109^F

01/28 03:29, 109^F

推

aifam

01/28 07:57, , 110^F

01/28 07:57, 110^F

推

Feases

01/28 22:59, , 111^F

01/28 22:59, 111^F

推

yoo31805

01/29 18:45, , 112^F

01/29 18:45, 112^F

推

summeruse

01/31 00:25, , 113^F

01/31 00:25, 113^F

推

andy79323

01/31 13:05, , 114^F

01/31 13:05, 114^F

推

LewisRong

02/01 02:00, , 115^F

02/01 02:00, 115^F

推

conanhide

02/01 12:44, , 116^F

02/01 12:44, 116^F

‣ 返回看板[ iOS ] 系統

‣ 更多 kyle5241 的文章

文章代碼(AID): #1OXdN_jW (iOS)