“A use-after-free vulnerability in the X.509 certificate validation functionality of Apple macOS and iOS has been identified which could lead to arbitrary code execution,” Talos reports. “This vulnerability manifests due to improper handling of X.509v3 certificate extensions fields. A specially crafted X.509 certificate could trigger this vulnerability and potentially result in remote code execution on the affected system.”
“On Apple macOS and iOS, most client applications (e.g. Safari, Mail.app, Google Chrome) use the built in system certificate validation agent to validate a X.509 certificate. An application that passes a malicious certificate to the certificate validation agent could trigger this vulnerability,” Talos reports. “Possible scenarios where this could be exploited include users connecting to a website which serves a malicious certificate to the client, Mail.app connecting to a mail server that provides a malicious certificate, or opening a malicious certificate file to import into the keychain.”
Talos reports, “This vulnerability has been responsibly disclosed to Apple and software updates have been released that address this issue for both macOS and iOS.”
Read more in the full article here.
MacDailyNews Take: Another one bites the dust!
SEE ALSO:
Apple releases iOS 10.3, watchOS 3.2, and tvOS 10.2 – March 27, 2017
Apple releases macOS Sierra 10.12.4 – March 27, 2017
Apple has had problems with certificates for some time. I have reported more than a few instances through the Beta testing where certificates that were accepted in IOS were rejected on Mac inspecific when working with Citrix SW. The handoff from Safari on Macs would result in Citrix clients refusing to open some properly signed certificates.
This pre-dates the current OS and even the previous release. Apple has yet to correct the problem. ica Files that work on iOS Safari, Chrome, Firefox, Vivaldi, Chromium,Opera, etc somehow get sent to the Citrix Client as unsigned.
Meanwhile Apple developers work on new stickers for messages and Planet of the Apps.
I guess online Security isn’t that important.
Apple is ripe for disruption and if they do not get their head out of their ass someone will come along and kick their ass because they are not taking care of business.
Historically, Apple has required regular kicks up the back end to coerce them to take security seriously. Recently, digital security maven Jonathan Zdziarski was hired by Apple to work on their software security. I heartily encourage Apple to let Jonathan loose on all of Apple’s software in order to make security what it should be: Priority #1
And thank you DavGreg for getting involved on a deep level with Apple’s security certificate blundering. I’ve been harping on their lax enterprise developer security certificate system, which has bitten Apple users several times over the past couple years. I had not known about the Citrix handoff situation and am glad you’re bringing it to our attention! 😀
Tim Cook is a killer Queen!