Kill the security bugs by updating your Android devices: Patch Tuesday - Week 1, April 2019

Apple

Apple released a follow-on security update for macOS Sierra and High Sierra users to fix certain security issues that were not rectified in the previous update. Mac users with these versions are advised to update to the following builds:

  • 17G6030 for macOS High Sierra version 10.13
  • 16G1918 for macOS Sierra version 10.12

The company has also released another major security update for watchOS on Apple Watch Series 1 and later models. The security flaws were primarily in the kernel of watchOS 5.2 and included critical ones such as privilege escalation, memory corruption, and information disclosure. Flaws in CoreCrypto, Contacts, Messages, and other applications were also patched.

Google

The monthly security update for April fixes a host of high and critical severity vulnerabilities found in various components and services in the Android ecosystem. The vulnerabilities include serious remote code execution (RCE), privilege escalation, information disclosure, and denial-of-service flaws. The most affected version was Android 7.0 and its variants, 7.1.1 and 7.1.2.

Qualcomm components, which are used in most Android devices, also had more than 70 bugs that were patched in this update. Android users are therefore advised to update to the latest version provided by their device manufacturer. These updates will be available soon.

More details on the vulnerabilities can be found here.

Ubuntu

This week, Ubuntu released patches to fix multiple security vulnerabilities found in Linux kernels. Ubuntu also remedied flaws found in the Firebird and Dovecot applications. The following are the security bulletins published by Ubuntu.

VMware

VMware published two major updates last week to address different security flaws in its products. The flaws were deemed critical by the company. The affected products include VMware ESXi, Workstation, Fusion, and vCloud Director. The following are the advisories released by VMware with updates.

  • VMSA-2019-0005: VMware ESXi (versions 6.7, 6.5, and 6.0), Workstation (versions 15.x and 14.x) and Fusion (11.x and 10.x) had out-of-bounds read/write vulnerabilities that could allow RCE.
  • VMSA-2019-0004: A critical remote session hijacking flaw affected vCloud Director (versions 9.7.x, 9.5.x, 9.1.x and 9.0.x). Attackers could impersonate users by exploiting this flaw.
Cyware Publisher