From Newsgroup: comp.sys.mac.misc
Yet more proof that the local village idiot's claims of Apple not
supporting devices for long are in reality nothing but complete
bollocks, as usual.
And, before the moron starts harping on about the supposed security
flaws the updates fix, they are theoretical problems that were
reported by anti-malware makers that nobody in the real world has
ever seen and probably never would anyway.

Update your older iPhone, iPad, or Mac now,
to get new fixes for WebKit, Wi-Fi & kernel flaws
-------------------------------------------------

On Monday, Apple released critical security updates for iPads,
Macs, and iPhones running older operating systems to fix serious
flaws tied to WebKit, kernel access, Wi-Fi, and sandbox escapes.
The company released a major round of security updates on May 11,
patching vulnerabilities across current and legacy versions of
macOS, iOS, and iPadOS. The releases include macOS Tahoe 26.5,
macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, iOS 18.7.9,
iPadOS 18.7.9, iPadOS 17.7.11, iOS 16.7.16, and iOS 15.8.8.
Detailed advisories published by the company describe flaws
affecting the kernel, WebKit, Wi-Fi, sandbox protections, privacy
systems, and file handling frameworks. Apple continues shipping
security patches for iPhones, iPads, and Macs released more than
a decade ago even after those devices fall behind the newest
operating systems.
Current-generation operating systems received the largest security
patches in the release cycle. For example, macOS Tahoe 26.5
includes fixes for vulnerabilities tied to privilege escalation,
sandbox escapes, denial-of-service attacks, Gatekeeper bypasses,
arbitrary kernel-level code execution, and exposure of sensitive
user data.
iOS 18.7.9 and iPadOS 18.7.9 patch a wide range of vulnerabilities
affecting the iPhone XS, iPhone XR, and seventh-generation iPad.
The updates include fixes for flaws involving WebKit, Siri, Mail
Drafts, App Intents, Wi-Fi, mDNSResponder, LaunchServices, and
multiple kernel components.
Apple also patched vulnerabilities that could allow apps to gain
elevated privileges, escape sandbox restrictions, or access
protected user information.
None of the advisories identify the patched vulnerabilities as
actively exploited in the wild. Apple usually includes explicit
warnings when it believes attackers are already using a flaw
against users, and those notices do not appear in the latest
releases.

WebKit and kernel fixes dominate the release

WebKit received some of the largest fixes in the latest security
releases. The browser engine powers Safari, App Store previews,
embedded app browsers, and many web views across iOS and macOS.
Apple patched multiple WebKit vulnerabilities that could bypass
Content Security Policy protections, leak sensitive user
information, crash Safari processes, or corrupt memory through
malicious web content. The release also contains extensive kernel
fixes across macOS, iOS, and iPadOS.
Those patches address vulnerabilities tied to root privilege
escalation, kernel memory disclosure, integer overflows,
out-of-bounds writes, race conditions, and Gatekeeper bypasses
involving malicious disk images or ZIP archives.
Networking and wireless systems received several serious fixes.
The updates patch a Wi-Fi flaw that allows arbitrary code
execution with kernel privileges through an out-of-bounds write
vulnerability, and denial-of-service bugs involving crafted Wi-Fi
packets and mDNSResponder network traffic.
Apple also patched vulnerabilities involving installed app
enumeration, App Privacy Report bypasses, IP address tracking,
unauthorized Contacts access, screen capture through camera
metadata exposure, and multiple sandbox escape flaws.

Apple is still maintaining hardware from 2014 and 2015

Separate maintenance updates continue extending security support
for aging hardware. Apple published dedicated releases for
iPadOS 17, iOS 16, and iOS 15 instead of ending support once
devices fall behind the newest operating system branch.
iPadOS 17.7.11 targets the sixth-generation iPad, the 10.5-inch
iPad Pro, and the second-generation 12.9-inch iPad Pro. That
release contains a single Notification Services fix addressing an
issue where deleted notifications could remain stored on-device
unexpectedly.
Older hardware also received updates through iOS 16.7.16 and
iPadOS 16.7.16 for devices including the iPhone X and
first-generation 12.9-inch iPad Pro. iOS 15.8.8 and iPadOS 15.8.8
extend support even farther back to hardware including the
iPhone 6s, iPhone 7, first-generation iPhone SE, iPad Air 2, and
iPad mini 4.
Both legacy branches patch the same Notification Services
vulnerability tied to retained deleted notifications. Research
attribution across the advisories also reflects changes in the
security industry.
Apple credited researchers from Google Threat Analysis Group,
Google Project Zero, Palo Alto Networks, TrendAI Zero Day
Initiative, and independent security firms across the release. One
kernel vulnerability in macOS Tahoe 26.5 was credited to Calif.io
"in collaboration with Claude and Anthropic Research."

How users can reduce risk

Many of the patched vulnerabilities affect browser engines,
wireless networking, app isolation systems, and low-level operating
system components. Vulnerabilities in WebKit, Wi-Fi, and the kernel
can affect core protections across the operating system.
Users should install the updates as soon as possible and restart
devices afterward so kernel and networking patches fully apply.
Apple also recommends avoiding untrusted apps, unknown configuration
profiles, suspicious links, unsecured Wi-Fi networks, and
unsolicited file downloads.
Several of the patched vulnerabilities involve malicious web content,
crafted files, privilege escalation, and sandbox escape flaws.
Safari and system browser updates are crucial, as WebKit powers much
of Apple's software ecosystem beyond Safari. Users with unsupported
devices that don't receive security updates should avoid using them
for sensitive tasks like banking, password management, or storing
personal data.

<https://appleinsider.com/articles/26/05/11/update-your-older-iphone-ipad-or-mac-now-to-get-new-fixes-for-webkit-wi-fi-kernel-flaws>