Costin Carabaș

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.2 macOS Mojave versions prior to 10.14.4 tvOS versions prior to 12.2 watchOS versions prior to 5.2 **Description** A malicious application may be able to initiate a Dictation request without user authorization due to an API issue in the handling of dictation requests. This issue was addressed with improved validation. **Recommendations** For iOS versions prior to 12.2, update to iOS 12.2 or later. For macOS Mojave versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For tvOS versions prior to 12.2, update to tvOS 12.2 or later. For watchOS versions prior to 5.2, update to watchOS 5.2 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.4 tvOS versions prior to 12.4 **Description** A validation issue existed in the entitlement verification, which could allow a malicious application to restrict access to websites. This issue was addressed with improved validation of the process entitlement. **Recommendations** For iOS versions prior to 12.4, update to iOS 12.4 to resolve the issue. For tvOS versions prior to 12.4, update to tvOS 12.4 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 12.1.1 Description: The issue was addressed with improved entitlements. Recommendations: For versions prior to 12.1.1, update to iOS 12.1.1 or later to resolve the issue.