![]() |
Security Update: tvOS 9.2
(2016-03-21)Apple has updated tvOS, for 4th generation Apple TVs, to version 9.2. The update addresses the following security related issues:
- FontParser (CVE-2016-1740): Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
- HTTPProtocol (CVE-2015-8659): A remote attacker may be able to execute arbitrary code
- IOHIDFamily (CVE-2016-1748): An application may be able to determine kernel memory layout
- Kernel (CVE-2016-1750, CVE-2016-1753, CVE-2016-1754, CVE-2016-1755): An application may be able to execute arbitrary code with kernel privileges
- Kernel (CVE-2016-1751): An application may be able to bypass code signing
- Kernel (CVE-2016-1752): An application may be able to cause a denial of service
- libxml2 (CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2016-1762): Processing maliciously crafted XML may lead to unexpected application termination or arbitrary code execution
- Security (CVE-2016-1950): Processing a maliciously crafted certificate may lead to arbitrary code execution
- TrueTypeScaler (CVE-2016-1775): Processing a maliciously crafted font file may lead to arbitrary code execution
- WebKit (CVE-2016-1783): Processing maliciously crafted web content may lead to arbitrary code execution
- WebKit History (CVE-2016-1784): Processing maliciously crafted web content may lead to an unexpected Safari crash
- Wi-Fi (CVE-2016-0801, CVE-2016-0802): An attacker with a privileged network position may be able to execute arbitrary code