CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams Help Viewer Available for: mac OS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: A quarantined HTML file may execute arbitrary Java Script cross-origin Description: A cross-site scripting issue existed in Help Viewer.
This issue was addressed by removing the affected file.
802.1X Available for: mac OS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: An attacker may be able to exploit weaknesses in TLS 1.0 Description: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.
CVE-2017-13832: Doug Wussler of Florida State University apache Available for: mac OS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Multiple issues in Apache Description: Multiple issues were addressed by updating to version 2.4.27.
You can encrypt communications with Apple using the Apple Product Security PGP Key.
Microsoft moved policies around a bit in the Fall Creators Update for Windows 10.Recent releases are listed on the Apple security updates page.For more information about security, see the Apple Product Security page.CVE-2016-0736 CVE-2016-2161 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 CVE-2017-9789 APFS Available for: mac OS High Sierra 10.13 Impact: A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem data Description: An issue existed in the handling of DMA.This issue was addressed by limiting the time the File Vault decryption buffers are DMA mapped to the duration of the I/O operation.