About the security content of macOS Sierra 10.12
This document describes the security content of macOS Sierra 10.12.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.
macOS Sierra 10.12
Released September 20, 2016
apache
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may be able to proxy traffic through an arbitrary server
Description: An issue existed in the handling of the HTTP_PROXY environment variable. This issue was addressed by not setting the HTTP_PROXY environment variable from CGI.
CVE-2016-4694: Dominic Scheirlinck and Scott Geary of Vend
apache_mod_php
Available for: OS X El Capitan v10.11.6
Impact: Multiple issues in PHP, the most significant of which may lead to unexpected application termination or arbitrary code execution.
Description: Multiple issues in PHP were addressed by updating PHP to version 5.6.24.
CVE-2016-5768
CVE-2016-5769
CVE-2016-5770
CVE-2016-5771
CVE-2016-5772
CVE-2016-5773
CVE-2016-6174
CVE-2016-6288
CVE-2016-6289
CVE-2016-6290
CVE-2016-6291
CVE-2016-6292
CVE-2016-6294
CVE-2016-6295
CVE-2016-6296
CVE-2016-6297
Apple HSSPI Support
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4697: Qidan He (@flanker_hqd) from KeenLab working with Trend Micro's Zero Day Initiative
AppleEFIRuntime
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A null pointer dereference was addressed through improved input validation.
CVE-2016-4696: Shrek_wzw of Qihoo 360 Nirvan Team
AppleMobileFileIntegrity
Available for: OS X El Capitan v10.11.6
Impact: A local application may be able to execute arbitrary code with system privileges
Description: A validation issue existed in the task port inheritance policy. This issue was addressed through improved validation of the process entitlement and Team ID.
CVE-2016-4698: Pedro Vilaça
AppleUUC
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved input validation.
CVE-2016-4699: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro's Zero Day Initiative
CVE-2016-4700: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro’s Zero Day Initiative
Application Firewall
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to cause a denial of service
Description: A validation issue existed in the handling of firewall prompts. This issue was addressed through improved validation of SO_EXECPATH.
CVE-2016-4701: Meder Kydyraliev Google Security Team
ATS
Available for: OS X El Capitan v10.11.6
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4779: riusksk of Tencent Security Platform Department
Audio
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4702: YoungJin Yoon, MinSik Shin, HoJae Han, Sunghyun Park, and Taekyoung Kwon of Information Security Lab, Yonsei University.
Bluetooth
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved input validation.
CVE-2016-4703: Juwei Lin (@fuzzerDOTcn) of Trend Micro
cd9660
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to cause a system denial of service
Description: An input validation issue was addressed through improved memory handling.
CVE-2016-4706: Recurity Labs on behalf of BSI (German Federal Office for Information Security)
CFNetwork
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to discover websites a user has visited
Description: An issue existed in Local Storage deletion. This issue was addressed through improved Local Storage cleanup.
CVE-2016-4707: an anonymous researcher
CFNetwork
Available for: OS X El Capitan v10.11.6
Impact: Processing maliciously crafted web content may compromise user information
Description: An input validation issue existed in the parsing of the set-cookie header. This issue was addressed through improved validation checking.
CVE-2016-4708: Dawid Czagan of Silesia Security Lab
CommonCrypto
Available for: OS X El Capitan v10.11.6
Impact: An application using CCrypt may disclose sensitive plaintext if the output and input buffer are the same
Description: An input validation issue existed in corecrypto. This issue was addressed through improved input validation.
CVE-2016-4711: Max Lohrmann
CoreCrypto
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code
Description: An out-of-bounds write issue was addressed by removing the vulnerable code.
CVE-2016-4712: Gergo Koteles
CoreDisplay
Available for: OS X El Capitan v10.11.6
Impact: A user with screen sharing access may be able to view another user's screen
Description: A session management issue existed in the handling of screen sharing sessions. This issue was addressed through improved session tracking.
CVE-2016-4713: Ruggero Alberti
curl
Available for: OS X El Capitan v10.11.6
Impact: Multiple issues in curl
Description: Multiple security issues existed in curl prior to version 7.49.1. These issues were addressed by updating curl to version 7.49.1.
CVE-2016-0755: Isaac Boukris
Date & Time Pref Pane
Available for: OS X El Capitan v10.11.6
Impact: A malicious application may be able to determine a user's current location
Description: An issue existed in the handling of the .GlobalPreferences file. This was addressed though improved validation.
CVE-2016-4715: Taiki (@Taiki__San) at ESIEA (Paris)
DiskArbitration
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to execute arbitrary code with system privileges
Description: An access issue existed in diskutil. This issue was addressed through improved permissions checking.
CVE-2016-4716: Alexander Allen of The North Carolina School of Science and Mathematics
File Bookmark
Available for: OS X El Capitan v10.11.6
Impact: A local application may be able to cause a denial of service
Description: A resource management issue existed in the handling of scoped bookmarks. This issue was addressed through improved file descriptor handling.
CVE-2016-4717: Tom Bradley of 71Squared Ltd
FontParser
Available for: OS X El Capitan v10.11.6
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking.
CVE-2016-4718: Apple
IDS - Connectivity
Available for: OS X El Capitan v10.11.6
Impact: An attacker in a privileged network position may be able to cause a denial of service
Description: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.
CVE-2016-4722: Martin Vigo (@martin_vigo) of salesforce.com
Intel Graphics Driver
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
CVE-2016-4723: daybreaker of Minionz
IOAcceleratorFamily
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A null pointer dereference was addressed through improved input validation.
CVE-2016-4724: Cererdlong, Eakerqiu of Team OverSky
IOAcceleratorFamily
Available for: OS X El Capitan v10.11.6
Impact: Processing maliciously crafted web content may result in the disclosure of process memory
Description: A memory corruption issue was addressed through improved input validation.
CVE-2016-4725: Rodger Combs of Plex, Inc
IOAcceleratorFamily
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4726: an anonymous researcher
IOThunderboltFamily
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4727: wmin working with Trend Micros Zero Day Initiative
Kerberos v5 PAM module
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may determine the existence of user accounts
Description: A timing side channel allowed an attacker to determine the existence of user accounts on a system. This issue was addressed by introducing constant time checks.
CVE-2016-4745: an anonymous researcher
Kernel
Available for: OS X El Capitan v10.11.6
Impact: A local application may be able to access restricted files
Description: A parsing issue in the handling of directory paths was addressed through improved path validation.
CVE-2016-4771: Balazs Bucsay, Research Director of MRG Effitas
Kernel
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may be able to cause a denial of service
Description: A lock handling issue was addressed through improved lock handling.
CVE-2016-4772: Marc Heuse of mh-sec
Kernel
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to determine kernel memory layout
Description: Multiple out-of-bounds read issues existed that led to the disclosure of kernel memory. These were addressed through improved input validation.
CVE-2016-4773: Brandon Azad
CVE-2016-4774: Brandon Azad
CVE-2016-4776: Brandon Azad
Kernel
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4775: Brandon Azad
Kernel
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: An untrusted pointer dereference was addressed by removing the affected code.
CVE-2016-4777: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues were addressed through improved memory handling.
CVE-2016-4778: CESG
libarchive
Available for: OS X El Capitan v10.11.6
Impact: Multiple issues in libarchive
Description: Multiple memory corruption issues existed in libarchive. These issues were addressed through improved input validation.
CVE-2016-4736: Proteas of Qihoo 360 Nirvan Team
libxml2
Available for: OS X El Capitan v10.11.6
Impact: Multiple issues in libxml2, the most significant of which may lead to unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through improved memory handling.
CVE-2016-4658: Nick Wellnhofer
CVE-2016-5131: Nick Wellnhofer
libxslt
Available for: OS X El Capitan v10.11.6
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4738: Nick Wellnhofer
mDNSResponder
Available for: OS X El Capitan v10.11.6
Impact: A remote attacker may be able to view sensitive information
Description: Applications using VMnet.framework enabled a DNS proxy listening on all network interfaces. This issue was addressed by restricting DNS query responses to local interfaces.
CVE-2016-4739: Magnus Skjegstad, David Scott and Anil Madhavapeddy from Docker, Inc.
NSSecureTextField
Available for: OS X El Capitan v10.11.6
Impact: A malicious application may be able to leak a user's credentials
Description: A state management issue existed in NSSecureTextField, which failed to enable Secure Input. This issue was addressed through improved window management.
CVE-2016-4742: Rick Fillion of AgileBits, Daniel Jalkut of Red Sweater Software
Perl
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to bypass the taint protection mechanism
Description: An issue existed in the parsing of environment variables. This issue was addressed through improved validation of environment variables.
CVE-2016-4748: Stephane Chazelas
S2 Camera
Available for: OS X El Capitan v10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4750: Jack Tang (@jacktang310) and Moony Li of Trend Micro working with Trend Micro’s Zero Day Initiative
Security
Available for: OS X El Capitan v10.11.6
Impact: An application using SecKeyDeriveFromPassword may leak memory
Description: A resource management issue existed in the handling of key derivation. This issue was addressed by adding CF_RETURNS_RETAINED to SecKeyDeriveFromPassword.
CVE-2016-4752: Mark Rogers of PowerMapper Software
Security
Available for: OS X El Capitan v10.11.6
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A validation issue existed in signed disk images. This issue was addressed through improved size validation.
CVE-2016-4753: Mark Mentovai of Google Inc.
Terminal
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to leak sensitive user information
Description: A permissions issue existed in .bash_history and .bash_session. This issue was addressed through improved access restrictions.
CVE-2016-4755: Axel Luttgens
WindowServer
Available for: OS X El Capitan v10.11.6
Impact: A local user may be able to gain root privileges
Description: A type confusion issue was addressed through improved memory handling.
CVE-2016-4709: an anonymous researcher
CVE-2016-4710: an anonymous researcher
macOS Sierra 10.12 includes the security content of Safari 10.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.
Last Modified: