You’re probably going to want to snag these.
Apple on Wednesday issued security updates for multiple versions of its macOS operating system on Wednesday. The update was found in the macOS Big Sur 11.2.1 update, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002, and fixes a sudo flaw known as “Baron Samedit.”
Three flaws have been fixed:
Intel Graphics Driver
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
- Impact: An application may be able to execute arbitrary code with kernel privileges
- Description: An out-of-bounds write was addressed with improved input validation.
- CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
Intel Graphics Driver
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
- Impact: An application may be able to execute arbitrary code with kernel privileges
- Description: A race condition was addressed with additional validation.
- CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
Sudo
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6
- Impact: A local attacker may be able to elevate their privileges
- Description: This issue was addressed by updating to sudo version 1.9.5p2.
- CVE-2021-3156: Qualys
If you’ve tried the updates and have any feedback to offer, please let us know about your experience in the comments.
Via The Mac Observer
One reply on “Apple releases security updates for macOS Big Sur, macOS Catalina, and macOS Mojave operating systems, looks to address “Baron Samedit” sudo vulnerability”
After I installed macOS Mojave 10.14.6 Security Update 2021-002, I can’t connect my iPhone or iPad (both running iOS14.4) to the computer. The computer says I need to give permission on those devices to connect to the computer, but the devices don’t provide a pop-up for me to allow the connection. Instead, the devices produce a constant stream of tones in unison to repeating connection warnings on the computer.
Suggestions?