iCloud Control Panel 歷史版本列表
需要 iCloud Control Panel 才能使用照片流,郵件,聯繫人和日曆和書籤。 iCloud Control Panel 可讓您輕鬆地在 iOS 設備,Mac 和 Windows PC 之間保持聯繫人,日曆和書籤的最新狀態。您還可以使用共享照片流與親朋好友分享精選照片,並附有通知和評論。在您使用的每台設備上獲取您喜愛的所有設備。當您在 Windows PC 上下載並設置 iCloud ... iCloud Control Panel 軟體介紹更新時間:2018-12-06
更新細節:
What's new in this version:
iCloud Control Panel 7.9.0.9
Safari:
- Available for: Windows 7 and later
- Impact: Visiting a malicious website may lead to address bar spoofing
- Description: A logic issue was addressed with improved state management.
- CVE-2018-4440: Wenxu Wu of Tencent Security Xuanwu Lab (xlab.tencent.com)
Safari:
- Available for: Windows 7 and later
- Impact: Visiting a malicious website may lead to user interface spoofing
- Description: A logic issue was addressed with improved validation.
- CVE-2018-4439: xisigr of Tencent's Xuanwu Lab (tencent.com)
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling.
- CVE-2018-4437: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea
- CVE-2018-4464: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved memory handling.
- CVE-2018-4441: lokihardt of Google Project Zero
- CVE-2018-4442: lokihardt of Google Project Zero
- CVE-2018-4443: lokihardt of Google Project Zero
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management
iCloud Control Panel 7.8.1.12
- Change log not available for this version
iCloud Control Panel 7.8.0.7
- Change log not available for this version
iCloud Control Panel 7.7.0.27
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory corruption issue was addressed with improved validation
- CVE-2018-4191: found by OSS-Fuzz
WebKit:
- Impact: Cross-origin SecurityErrors includes the accessed frame’s origin
- Description: The issue was addressed by removing origin information
- CVE-2018-4311: Erling Alf Ellingsen (@steike)
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved state management
- CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling.
- CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative
- CVE-2018-4323: Ivan Fratric of Google Project Zero
- CVE-2018-4328: Ivan Fratric of Google Project Zero
- CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative
- CVE-2018-4359: Samuel Groß (@5aelo)
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may cause unexepected cross-origin behavior
- Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins
- CVE-2018-4319: John Pettitt of Google
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may be able to execute scripts in the context of another website
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A use after free issue was addressed with improved memory management
- CVE-2018-4197: Ivan Fratric of Google Project Zero
- CVE-2018-4306: Ivan Fratric of Google Project Zero
- CVE-2018-4312: Ivan Fratric of Google Project Zero
- CVE-2018-4314: Ivan Fratric of Google Project Zero
- CVE-2018-4315: Ivan Fratric of Google Project Zero
- CVE-2018-4317: Ivan Fratric of Google Project Zero
- CVE-2018-4318: Ivan Fratric of Google Project Zero
WebKit:
- Impact: A malicious website may exfiltrate image data cross-origin
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4345: an anonymous researcher
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory consumption issue was addressed with improved memory handling
- CVE-2018-4361: found by Google OSS-Fuzz
iCloud Control Panel 7.6.0.15
CFNetwork:
- A cookie management issue was addressed with improved checks
WebKit:
- A memory corruption issue was addressed with improved memory handling
WebKit:
- A type confusion issue was addressed with improved memory handling
- Sound fetched through audio elements may be exfiltrated cross-originThis issue was addressed with improved audio taint tracking
- A race condition was addressed with additional validation
- Multiple memory corruption issues were addressed with improved memory handling
- Multiple memory corruption issues were addressed with improved input validation
iCloud Control Panel 7.5.0.34
Security:
- An authorization issue was addressed with improved state management
WebKit:
- A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- A race condition was addressed with improved locking
- A memory corruption issue was addressed with improved input validation
- A memory corruption issue was addressed with improved memory handling
- A type confusion issue was addressed with improved memory handling
- A memory corruption issue was addressed with improved state management
- Multiple memory corruption issues were addressed with improved memory handling
- An inconsistent user interface issue was addressed with improved state management
- Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- A buffer overflow issue was addressed with improved memory handling
- An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-11-28
更新細節:
What's new in this version:
iCloud Control Panel 7.8.1.12
- Change log not available for this version
iCloud Control Panel 7.8.0.7
- Change log not available for this version
iCloud Control Panel 7.7.0.27
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory corruption issue was addressed with improved validation
- CVE-2018-4191: found by OSS-Fuzz
WebKit:
- Impact: Cross-origin SecurityErrors includes the accessed frame’s origin
- Description: The issue was addressed by removing origin information
- CVE-2018-4311: Erling Alf Ellingsen (@steike)
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved state management
- CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling.
- CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative
- CVE-2018-4323: Ivan Fratric of Google Project Zero
- CVE-2018-4328: Ivan Fratric of Google Project Zero
- CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative
- CVE-2018-4359: Samuel Groß (@5aelo)
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may cause unexepected cross-origin behavior
- Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins
- CVE-2018-4319: John Pettitt of Google
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may be able to execute scripts in the context of another website
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A use after free issue was addressed with improved memory management
- CVE-2018-4197: Ivan Fratric of Google Project Zero
- CVE-2018-4306: Ivan Fratric of Google Project Zero
- CVE-2018-4312: Ivan Fratric of Google Project Zero
- CVE-2018-4314: Ivan Fratric of Google Project Zero
- CVE-2018-4315: Ivan Fratric of Google Project Zero
- CVE-2018-4317: Ivan Fratric of Google Project Zero
- CVE-2018-4318: Ivan Fratric of Google Project Zero
WebKit:
- Impact: A malicious website may exfiltrate image data cross-origin
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4345: an anonymous researcher
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory consumption issue was addressed with improved memory handling
- CVE-2018-4361: found by Google OSS-Fuzz
iCloud Control Panel 7.6.0.15
CFNetwork:
- A cookie management issue was addressed with improved checks
WebKit:
- A memory corruption issue was addressed with improved memory handling
WebKit:
- A type confusion issue was addressed with improved memory handling
- Sound fetched through audio elements may be exfiltrated cross-originThis issue was addressed with improved audio taint tracking
- A race condition was addressed with additional validation
- Multiple memory corruption issues were addressed with improved memory handling
- Multiple memory corruption issues were addressed with improved input validation
iCloud Control Panel 7.5.0.34
Security:
- An authorization issue was addressed with improved state management
WebKit:
- A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- A race condition was addressed with improved locking
- A memory corruption issue was addressed with improved input validation
- A memory corruption issue was addressed with improved memory handling
- A type confusion issue was addressed with improved memory handling
- A memory corruption issue was addressed with improved state management
- Multiple memory corruption issues were addressed with improved memory handling
- An inconsistent user interface issue was addressed with improved state management
- Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- A buffer overflow issue was addressed with improved memory handling
- An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-10-31
更新細節:
What's new in this version:
iCloud Control Panel 7.8.0.7
- Change log not available for this version
iCloud Control Panel 7.7.0.27
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory corruption issue was addressed with improved validation
- CVE-2018-4191: found by OSS-Fuzz
WebKit:
- Impact: Cross-origin SecurityErrors includes the accessed frame’s origin
- Description: The issue was addressed by removing origin information
- CVE-2018-4311: Erling Alf Ellingsen (@steike)
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved state management
- CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling.
- CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative
- CVE-2018-4323: Ivan Fratric of Google Project Zero
- CVE-2018-4328: Ivan Fratric of Google Project Zero
- CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative
- CVE-2018-4359: Samuel Groß (@5aelo)
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may cause unexepected cross-origin behavior
- Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins
- CVE-2018-4319: John Pettitt of Google
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may be able to execute scripts in the context of another website
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A use after free issue was addressed with improved memory management
- CVE-2018-4197: Ivan Fratric of Google Project Zero
- CVE-2018-4306: Ivan Fratric of Google Project Zero
- CVE-2018-4312: Ivan Fratric of Google Project Zero
- CVE-2018-4314: Ivan Fratric of Google Project Zero
- CVE-2018-4315: Ivan Fratric of Google Project Zero
- CVE-2018-4317: Ivan Fratric of Google Project Zero
- CVE-2018-4318: Ivan Fratric of Google Project Zero
WebKit:
- Impact: A malicious website may exfiltrate image data cross-origin
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4345: an anonymous researcher
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory consumption issue was addressed with improved memory handling
- CVE-2018-4361: found by Google OSS-Fuzz
iCloud Control Panel 7.6.0.15
CFNetwork:
- A cookie management issue was addressed with improved checks
WebKit:
- A memory corruption issue was addressed with improved memory handling
WebKit:
- A type confusion issue was addressed with improved memory handling
- Sound fetched through audio elements may be exfiltrated cross-originThis issue was addressed with improved audio taint tracking
- A race condition was addressed with additional validation
- Multiple memory corruption issues were addressed with improved memory handling
- Multiple memory corruption issues were addressed with improved input validation
iCloud Control Panel 7.5.0.34
Security:
- An authorization issue was addressed with improved state management
WebKit:
- A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- A race condition was addressed with improved locking
- A memory corruption issue was addressed with improved input validation
- A memory corruption issue was addressed with improved memory handling
- A type confusion issue was addressed with improved memory handling
- A memory corruption issue was addressed with improved state management
- Multiple memory corruption issues were addressed with improved memory handling
- An inconsistent user interface issue was addressed with improved state management
- Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- A buffer overflow issue was addressed with improved memory handling
- An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-10-09
更新細節:
What's new in this version:
iCloud Control Panel 7.7.0.27
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory corruption issue was addressed with improved validation
- CVE-2018-4191: found by OSS-Fuzz
WebKit:
- Impact: Cross-origin SecurityErrors includes the accessed frame’s origin
- Description: The issue was addressed by removing origin information
- CVE-2018-4311: Erling Alf Ellingsen (@steike)
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved state management
- CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling.
- CVE-2018-4299: Samuel Groβ (saelo) working with Trend Micro's Zero Day Initiative
- CVE-2018-4323: Ivan Fratric of Google Project Zero
- CVE-2018-4328: Ivan Fratric of Google Project Zero
- CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative
- CVE-2018-4359: Samuel Groß (@5aelo)
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may cause unexepected cross-origin behavior
- Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins
- CVE-2018-4319: John Pettitt of Google
WebKit:
- Available for: Windows 7 and later
- Impact: A malicious website may be able to execute scripts in the context of another website
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A use after free issue was addressed with improved memory management
- CVE-2018-4197: Ivan Fratric of Google Project Zero
- CVE-2018-4306: Ivan Fratric of Google Project Zero
- CVE-2018-4312: Ivan Fratric of Google Project Zero
- CVE-2018-4314: Ivan Fratric of Google Project Zero
- CVE-2018-4315: Ivan Fratric of Google Project Zero
- CVE-2018-4317: Ivan Fratric of Google Project Zero
- CVE-2018-4318: Ivan Fratric of Google Project Zero
WebKit:
- Impact: A malicious website may exfiltrate image data cross-origin
- Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation
- CVE-2018-4345: an anonymous researcher
WebKit:
- Impact: Unexpected interaction causes an ASSERT failure
- Description: A memory consumption issue was addressed with improved memory handling
- CVE-2018-4361: found by Google OSS-Fuzz
iCloud Control Panel 7.6.0.15
CFNetwork:
- A cookie management issue was addressed with improved checks
WebKit:
- A memory corruption issue was addressed with improved memory handling
WebKit:
- A type confusion issue was addressed with improved memory handling
- Sound fetched through audio elements may be exfiltrated cross-originThis issue was addressed with improved audio taint tracking
- A race condition was addressed with additional validation
- Multiple memory corruption issues were addressed with improved memory handling
- Multiple memory corruption issues were addressed with improved input validation
iCloud Control Panel 7.5.0.34
Security:
- An authorization issue was addressed with improved state management
WebKit:
- A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- A race condition was addressed with improved locking
- A memory corruption issue was addressed with improved input validation
- A memory corruption issue was addressed with improved memory handling
- A type confusion issue was addressed with improved memory handling
- A memory corruption issue was addressed with improved state management
- Multiple memory corruption issues were addressed with improved memory handling
- An inconsistent user interface issue was addressed with improved state management
- Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- A buffer overflow issue was addressed with improved memory handling
- An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-07-10
更新細節:
What's new in this version:
iCloud Control Panel 7.6.0.15
CFNetwork:
- A cookie management issue was addressed with improved checks
WebKit:
- A memory corruption issue was addressed with improved memory handling
WebKit:
- A type confusion issue was addressed with improved memory handling
- Sound fetched through audio elements may be exfiltrated cross-originThis issue was addressed with improved audio taint tracking
- A race condition was addressed with additional validation
- Multiple memory corruption issues were addressed with improved memory handling
- Multiple memory corruption issues were addressed with improved input validation
iCloud Control Panel 7.5.0.34
Security:
- An authorization issue was addressed with improved state management
WebKit:
- A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- A race condition was addressed with improved locking
- A memory corruption issue was addressed with improved input validation
- A memory corruption issue was addressed with improved memory handling
- A type confusion issue was addressed with improved memory handling
- A memory corruption issue was addressed with improved state management
- Multiple memory corruption issues were addressed with improved memory handling
- An inconsistent user interface issue was addressed with improved state management
- Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- A buffer overflow issue was addressed with improved memory handling
- An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-06-05
更新細節:
What's new in this version:
iCloud Control Panel 7.5.0.34
Security:
- Impact: A local user may be able to read a persistent device identifier
- Description: An authorization issue was addressed with improved state managemen.
- Impact: A local user may be able to modify the state of the Keychain
- Description: An authorization issue was addressed with improved state management
- Impact: A local user may be able to view sensitive user information
- Description: An authorization issue was addressed with improved state management
WebKit:
- Impact: Visiting a maliciously crafted website may lead to cookies being overwritten
- Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions.
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A race condition was addressed with improved locking.
- Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
- Description: A memory corruption issue was addressed with improved input validation
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved memory handling
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A type confusion issue was addressed with improved memory handling
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A memory corruption issue was addressed with improved state management
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- Impact: Visiting a malicious website may lead to address bar spoofing
- Description: An inconsistent user interface issue was addressed with improved state management
- Impact: Visiting a maliciously crafted website may leak sensitive data
- Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: A buffer overflow issue was addressed with improved memory handling
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: An out-of-bounds read was addressed with improved input validation
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-04-01
更新細節:
What's new in this version:
iCloud Control Panel 7.4.0.111
Security:
- Impact: A malicious application may be able to elevate privileges
- Description: A buffer overflow was addressed with improved size validation
WebKit:
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
WebKit:
- Impact: Unexpected interaction with indexing types causing an ASSERT failure
- Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks
WebKit:
- Impact: Processing maliciously crafted web content may lead to a denial of service
- Description: A memory corruption issue was addressed through improved input validation
WebKit:
- Impact: A malicious website may exfiltrate data cross-origin
- Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2018-04-01
更新細節:
What's new in this version:
Vysor 1.9.0
- Connect automatically defaults to prompt
- Restore missing screen autodim option
Vysor 1.8.9
- Fix bug report generation
Vysor 1.8.8
- Ad crash fix
- Fix double video decoder initialization bug
- Improve startup time
Vysor 1.8.7
- Add high quality defaults
Vysor 1.8.6
- More bitrate options
Vysor 1.8.5
- Improve latency by dropping dropping frames when canvas can't paint fast enough
更新時間:2018-01-24
更新細節:
What's new in this version:
iCloud Control Panel 7.3.0.20
WebKit:
- Available for: Windows 7 and later
- Impact: Processing maliciously crafted web content may lead to arbitrary code execution
- Description: Multiple memory corruption issues were addressed with improved memory handling
- CVE-2018-4088: Jeonghoon Shin of Theori
- CVE-2018-4096: found by OSS-Fuzz
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version
更新時間:2017-12-14
更新細節:
What's new in this version:
iCloud Control Panel 7.2.0.67
- Change log not available for this verison
iCloud Control Panel 7.1.0.34
- Change log not available for this verison
iCloud Control Panel 7.0.1.210
- SQLite available for: Windows 7 and later
- A memory corruption issue was addressed through improved input validation.
- Multiple memory corruption issues were addressed with improved memory handling.
- A logic issue existed in the handling of parent-tab. This issue was addressed with improved state management.
- A permissions issue existed in the handling of web browser cookies. This issue was addressed by no longer returning cookies for custom URL schemes.
- An inconsistent user interface issue was addressed with improved state management.
- Application Cache policy may be unexpectedly applied
iCloud Control Panel 6.2.3.17
- Change log not available for this verison
iCloud Control Panel 6.2.2.39
- Multiple memory corruption issues were addressed with improved memory handling
iCloud Control Panel 6.2.1.67
- A client certificate was sent in plaintext. This issue was addressed through improved certificate handling
- Multiple memory corruption issues were addressed through improved memory handling
- Multiple memory corruption issues were addressed through improved memory handling
- A validation issue existed in element handling. This issue was addressed through improved validation
iCloud Control Panel 6.1.2.13
- Change log not available for this version
iCloud Control Panel 6.1.0.30
- Multiple memory corruption issues were addressed through improved memory handling
- A memory corruption issue was addressed through improved state management
- The iCloud desktop client failed to clear sensitive information in memory
iCloud Control Panel 6.0.2.10
- Change log not available for this version
iCloud Control Panel 6.0.1.41
- A memory corruption issue was addressed through improved memory handling
iCloud Control Panel 5.2.2.87
- Change log not available for this version
iCloud Control Panel 5.2.1.69
- Change log not available for this version