Apple today released a minor software update for the 3rd generation of its set-top box. Apart from the usual “general performance and stability improvements”, Apple TV 7.0.2 software update also contains the following security fixes:
- Impact: An attacker with a privileged network position may cause an unexpected application termination or arbitrary code execution.
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
- Impact: A local user may be able to execute unsigned code.
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed through improved validation of segment sizes.
- Impact: A malicious application may be able to execute arbitrary code with system privileges.
Description: A validation issue existed in the handling of certain metadata fields of IOSharedDataQueue objects. This issue was addressed through relocation of the metadata.
Be sure to follow Apple TV Hacks on Twitter, Facebook or Google+ for all the latest Apple TV-related news.
CommentsBe The First to Comment