First published: Tue May 29 2018(Updated: )
WebKit. A race condition was addressed with improved locking.
Credit: Markus Gaasedelen Amy Burnett Patrick Biernat Ret2 Systems Inc working with Trend Micro product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iTunes for Windows | <12.7.5 | 12.7.5 |
Apple Safari | <11.1.1 | |
Apple iPhone OS | <11.4 | |
Apple tvOS | <11.4 | |
Apple watchOS | <4.3.1 | |
Apple iCloud | <7.5 | |
Microsoft Windows | ||
Apple iTunes | <12.7.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2018-4192 is a vulnerability in certain Apple products that allows a race condition and has been addressed with improved locking.
iOS before 11.4, Safari before 11.1.1, iCloud before 7.5 on Windows, iTunes before 12.7.5 on Windows, tvOS before 11.4, and watchOS before 4.3.1 are affected by CVE-2018-4192.
CVE-2018-4192 has a severity level of high with a CVSS score of 7.5.
To fix CVE-2018-4192, make sure to update to the recommended versions of the affected Apple products: iOS 11.4, Safari 11.1.1, iCloud 7.5 on Windows, iTunes 12.7.5 on Windows, tvOS 11.4, and watchOS 4.3.1.
You can find more information about CVE-2018-4192 on the Apple support page at https://support.apple.com/en-us/HT208852, SecurityTracker at http://www.securitytracker.com/id/1041029, and Gentoo Security at https://security.gentoo.org/glsa/201808-04.