5Aelo

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 11.2 Apple macOS versions prior to 10.13.2 Apple tvOS versions prior to 11.2 Apple watchOS versions prior to 4.2 **Description** A race condition was addressed with additional validation. This issue allows an application to potentially gain elevated privileges. **Recommendations** For Apple iOS versions prior to 11.2, update to iOS 11.2 or later. For Apple macOS versions prior to 10.13.2, apply Security Update 2017-002 Sierra or later, or update to macOS High Sierra 10.13.2 or later. For Apple tvOS versions prior to 11.2, update to tvOS 11.2 or later. For Apple watchOS versions prior to 4.2, update to watchOS 4.2 or later. For macOS El Capitan, apply Security Update 2017-005 El Capitan or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12 tvOS versions prior to 12 watchOS versions prior to 5 Safari versions prior to 12 iTunes for Windows versions prior to 12.9 iCloud for Windows versions prior to 7.7 **Description** Multiple memory corruption issues were addressed with improved memory handling. The issue is related to memory corruption problems. **Recommendations** For iOS versions prior to 12, update to version 12 or later. For tvOS versions prior to 12, update to version 12 or later. For watchOS versions prior to 5, update to version 5 or later. For Safari versions prior to 12, update to version 12 or later. For iTunes for Windows versions prior to 12.9, update to version 12.9 or later. For iCloud for Windows versions prior to 7.7, update to version 7.7 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12 tvOS versions prior to 12 watchOS versions prior to 5 Safari versions prior to 12 iTunes for Windows versions prior to 12.9 iCloud for Windows versions prior to 7.7 **Description** The issue is related to multiple memory corruption problems that were addressed with improved memory handling. **Recommendations** For iOS versions prior to 12, update to version 12 or later. For tvOS versions prior to 12, update to version 12 or later. For watchOS versions prior to 5, update to version 5 or later. For Safari versions prior to 12, update to version 12 or later. For iTunes for Windows versions prior to 12.9, update to version 12.9 or later. For iCloud for Windows versions prior to 7.7, update to version 7.7 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.4 **Description** The issue involves the `ATS` component and allows attackers to obtain sensitive information by leveraging symlink mishandling. **Recommendations** For macOS versions prior to 10.13.4, update to version 10.13.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.3 macOS versions prior to 10.13.4 **Description** The issue involves the `Storage` component and is related to a race condition. This condition allows attackers to execute arbitrary code in a privileged context via a crafted app. **Recommendations** For iOS versions prior to 11.3, update to version 11.3 or later. For macOS versions prior to 10.13.4, update to version 10.13.4 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.3 macOS versions prior to 10.13.4 watchOS versions prior to 4.3 **Description** The issue involves the CoreFoundation component and is related to a race condition. This condition allows attackers to execute arbitrary code in a privileged context via a crafted app. **Recommendations** For iOS versions prior to 11.3, update to version 11.3 or later. For macOS versions prior to 10.13.4, update to version 10.13.4 or later. For watchOS versions prior to 4.3, update to version 4.3 or later.