Apple quashes bugs in iOS, macOS and Safari
Apple on Monday updated macOS Sierra to 10.12.3, patching 11 security vulnerabilities and addressing a graphics hardware problem in the latest 15-in. MacBook Pro laptop.
At the same time, Apple released iOS 10.2.1, an update that fixed 18 security flaws, the bulk of them in WebKit, the foundation of the baked-in Safari browser.
According to Apple’s typically terse update documentation, macOS 10.12.3 “improves automatic graphics switching on MacBook Pro (15-in., October 2016).” Another fix addressed “graphics issues” on both the 15-in. and the smaller 13-in. sibling when encoding in Adobe Premiere Pro; that bug attracted attention after a video showing a notebook wildly cycling through colors went viral.
[To comment on this story, visit Computerworld’s Facebook page.]
Apple unveiled the new MacBook Pro on Oct. 29. Its most notable feature was the “Touch Bar,” a narrow display above the top row of keys that responds to gestures and adapts to the active application.
The same update also patched nearly a dozen vulnerabilities, most of them critical. A pair of kernel bugs reported to Apple by Google Project Zero, for instance, was cited as having the potential to “execute arbitrary code,” Apple-speak for a very serious vulnerability ranking.
iOS was also refreshed Monday, with 10.2.1 offered to iPhone and iPad owners.
Apple described only the 18 vulnerabilities patched by the update. Thirteen of those flaws were within WebKit, the open-source project that produces the rendering engine that powers Safari.
Safari on macOS was also updated to patch 12 of the 13 bugs quashed in the iOS version. Labeled Safari 10.0.3, it was packaged with the Sierra 10.12.3 update, but was made available separately to Mac owners running the older OS X Yosemite and OS X El Capitan, Sierra’s predecessors.
Although no description in the Safari 10.0.3 update mentioned the bug reported by Consumer Reports — the flaw resulted in the magazine initially refusing to recommend the new MacBook Pro notebooks because of unusual battery test results — Apple previously said it dealt with the flaw in a beta leading up to macOS 10.12.3. If so, it should also have been fixed in the Safari-only update.
The iOS, macOS and Sierra updates will be automatically offered on the appropriate devices. Users can manually trigger an update on a Mac by selecting “App Store” from the Apple menu, then choosing “Updates” from the row of icons at the top of the window. On iPhones and iPads, users can begin an update by touching “Settings,” then “General,” then “Software Update.”