apple · ios 11 · mac os x · security · update

Apple Issues ‘Meltdown’ and ‘Spectre’ Patches for iOS, macOS, Safari

apple_ios_1122_mealtdown_spectre_patch_20180108

Today, Apple has posted a set of updates that are designed to patch recently reported vulnerabilities found in Intel and ARM CPU processors. These are very important security updates. You should install them as soon as you can.

Apple Software Updates

apple_macos_high_sierra_mealtdown_spectre_cpu_patch_20180108

Ready for your downloading and installing pleasure are:
* iOS 11.2.2 for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
* macOS High Sierra 10.13.2 Supplemental Update
* Safari 11.0.2 for OS X El Capitan 10.11.6 and macOS Sierra 10.12.6

The Apple support website always links to the latest security patch updates.

The Short Story

The vulnerability, which impacts all modern Intel and ARM CPUs, can be found in just about every PC, smartphone, and tablet on sale. Microsoft Windows, Linux distributions, and hardware vendors all need to update patches to prevent the “Meltdown” and “Spectre” vulnerabilities from being exploited and granting cyber-attackers access to highly sensitive data that is held in a computer’s protected memory space.

Confused about all of this processor vulnerabilities and patching? It’s totally understandable. If you really want to understand what’s going on, check out Rene Ritchie’s excellent Meltdown and Spectre FAQ at iMore.com.

 

apple · apple watch · update · watchos 2

iOS 9.1 and watchOS 2.0.1 – Small But Important Updates

[Editor’s Note: I don’t know why this article didn’t publish on the intended date and time, so we are publishing it now for completeness.]

October turned out to be a much busier month than I had originally expected it to be as I was working a particularly tricky production email migration from one cloud based vendor to another.  (Upgrades to Exchange Server 2013/Office 365 and Outlook 2013 were thrown in for fun.)

All that said, I didn’t want to let a pair of updates from Apple slip by without at least mentioning them.

iOS 9.1

iOS 9.1, available for all devices that are capable of running iOS 7.0 and later, is a minor update to iOS 9 that adds 150 new cartoony emoji images.  Anyone who has kids knows how important that is. (Ok, my wife and I send emojis – emojii? – to each other more often than we should.)  Let’s just get it out of the way now, the finger emoji is in this update.  It’s my wife’s favorite.  iOS 9.1 also has the “eye in a speech bubble” Ad Council anti-bullying campaign emoji.  At lease we got the taco emoji.

The other iOS 9.1 update is for the iPhone 6s and iPhone 6s Plus and the Live Photos feature.  With iOS 9.1 on board, your new iPhone and detect when you are raising or lowering your phone to take a Live Photo and not include those images in the Live Photo image.  It’s a nice feature to have.  When I was taking a few Live Photo shots, the early ones didn’t come out so great unless I was holding my iPhone 6s Plus perfectly still while shooting them.

watchOS 2.0.1

With watchOS 2.0.1 Apple rolled out some minor but necessary updates for the Apple Watch.  As you can see from the screen shot (above), all of the fixes address bugs that if not otherwise patched right way could leave to a poor customer experience.

Both updates are available right now using the iOS Software Update feature for iOS devices and, for Apple Watch owners, via the Software Update feature in the iOS Watch app.  Both updates are recommended for iOS and Apple Watch owners.

apple · ios 8 · ipad · iphone · ipod touch · update

Apple Releases iOS 8.4.1 Update for Apple Music

Today, Apple released iOS 8.4.1 for all current model iPhones, iPads and iPod touches.

Apple’s release notes for iOS 8.4.1 appear below.

This release includes improvements and fixes to Apple Music.
  • Resolves issues that could prevent turning on iCloud Music Library
  • Resolves an issue that hides added music because Apple Music was set to show offline music only
  • Provides a way to add songs to a new playlist if there aren’t any playlists to choose from
  • Resolves an issue that may show different artwork for an album on other devices
  • Resolves several issues for artists while posting to Connect
  • Fixes an issue where tapping Love doesn’t work as expected while listening to Beats 1
For information on the security content of this update, please visit this website:

The iOS 8.4.1 release is available now as an over the air (OTA) update from your devices.  Just go to:
Settings > General > Software Update to begin the install.

microsoft · update · windows · windows server

Microsoft’s ANS Alerts Are No Longer Free

Tomorrow’s Microsoft “Patch Tuesday” is going to seem a little bit more confusing than past patch days for the majority of Microsoft’s customers.

“They’ve gone from free to fee, and for really no particular reason,” said Andrew Storms, vice president of security services at New Context, a San Francisco-based security consultancy, in an interview.”

Microsoft Windows administrators have been familiar with the ANS, or Advanced Notification Service emails that were sent out a head of Microsoft’s scheduled patch release date with information regarding what software was to be patched, their classification of the patch, and associated knowledge base articles.  Starting with tomorrow’s patch Tuesday, Microsoft will not provide advanced notice of patches.

“Customer feedback indicates that many of our large customers no longer use ANS in the same way they did in the past due to optimized testing and deployment methodologies,” said Chris Betz, senior director at the Microsoft Security Response Center (MSRC). “While some customers still rely on ANS, the vast majority wait for Update Tuesday, or take no action, allowing updates to occur automatically.”

“Microsoft prefers to call its monthly security release “Update Tuesday,” apparently believing “Patch Tuesday” carries negative connotations.”

So, unless your organization pays for premiere support or is otherwise involved in sharing security information with Microsoft, you will no longer be receiving these email updates.

Personally, I’ve never participated in the online briefings, but I would skim the list of patches, sorry, “updates” that Microsoft would be pushing out to Microsoft Windows Update Servers (WUS) running on private networks.  While I’m sad to see the email notices and blog postings go away, for small to mid-sized organizations, I’m not sure that there will be a meaningful impact on day-to-day operations.  What will likely become of this is that Windows client and Windows Server administrators will need to pay more attention when testing the latest updates before deploying them on production servers.

[Via ComputerWorld.com…]

apple · ios 7 · ipad air · ipad mini · iphone 5s · ipod touch · update

Apple Releases iOS 7.1.1

Earlier this afternoon, Apple released iOS 7.1.1, a minor update to iOS 7.

iOS 7.1.1 focuses in on three areas for enhancement and updates, including additional enhancements to the iPhone 5S fingerprint sensor, a bug fix for keyboard responsiveness and corrects and issue with Bluetooth keyboards when the VoiceOver feature is enabled.

The iOS 7.1.1 update is coming in at about 16.5MB for both my iPhone 5S and iPhone 4S.  To install the latest iOS update on your iOS device, go to: Settings > General > Software Update.

To learn more about this and other Apple software updates, visit the Apple Support website.