Monday June 17
06:37
AA19-168A: Microsoft Operating Systems BlueKeep...
Original release date: June 17, 2019
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:
- Windows 2000
- Windows Vista
- Windows XP
- Windows 7
- Windows Server 2003
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
An attacker can exploit this vulnerability to take control of an affected system.
Technical Details
BlueKeep (CVE-2019-0708) exists within the Remote Desktop Protocol (RDP) used by the Microsoft Windows OSs listed above. An attacker can exploit this vulnerability to perform remote code execution on an unprotected system.
According to Microsoft, an attacker can send...
|
Read more »
Friday June 14
14:25
Updated App Store Links
Links generated for apps on the App Store now begin with apps.apple.com. Existing links that begin with itunes.apple.com will continue to work in their current form and will automatically redirect to the apps.apple.com domain.
|
Read more »
14:25
Updated App Store Links
Links generated for apps on the App Store now begin with apps.apple.com. Existing links that begin with itunes.apple.com will continue to work in their current form and will automatically redirect to the apps.apple.com domain.
|
Read more »
Thursday June 13
13:25
Logic Pro X 10.4 release notes
Friday June 7
12:30
Differences Between zsh and bash
Supposedly, macOS 10.15 Catalina is slated to replace the default /bin/bash shell with zsh, or /bin/zsh. Before we talk about the differences let’s just say that bash is still here and if your script is called as bash then it will still work just fine. To quickly see which you’re using (e.g. when testing a new release), use $0:
echo $0
Z Shell or zsh for short was written by Princeton University student Paul Falstad in 1990. Most shells are just extensions of the Bourne shell (including bash) and work similarly but there are minor differences here and there. Yes, Z Shell comes with a control-R reverse incremental search, but that’s not a good reason to make this kind of change. Z Shell is more modern (e.g. more customizable autocompletion, use Alt + . to put parameters from the previous command into your next command, slicker tabbed auto-complete), considered by some to be more secure (not considered as such by others), and, well...
|
Read more »
09:37
Apple Configurator cfgutil Verbs
Once the Apple Configurator 2 Command Line Tools are installed, you’ll find a binary called cfgutil at /Applications/Apple Configurator 2.app/Contents/MacOS/cfgutil. The cfgutil command has a number of verbs you can see by running the command followed by the help verb, as follows:
/Applications/Apple\ Configurator\ 2.app/Contents/MacOS/cfgutil help
The following is a list of officially supported verbs:
- activate: activate iOS and iPadOS devices.
- add-tags: add a tag for iOS and iPadOS devices.
- backup: Create a backup of an iOS or iPadOS device the Configurator computer has prepared.
- clear-passcode: Clear the passcode a supervised iOS or iPad OS device.
- erase: Erase any content and settings configured on any supervised iOS and iPadOS devices.
- exec: Run scripts when iOS and iPadOS devices connect or detach from the computer running Apple Configurator.
- get: Show various properties, settings, and apps that...
|
Read more »
Tuesday June 4
06:52
Notes from the Underground: Apple WWDC and You
Apple kicked off the annual WWDC conference yesterday and boy there was a flurry of information. There always is, but for people charged with managing Apple devices and vendors that support Apple devices there were some important releases. Some general themes to think about as you read through this list:
- Privacy is a thing. This includes securing files in the directories of a user by having the user accept a request to touch them (e.g. My Documents, er, I mean, Documents). This also means apps harvesting user data are doomed. The restrictions continue to flow in from iOS to the Mac. And that’s probably a good thing – as it helps keep people from getting taken advantage of. Because a global interconnected world has meant that crappy people are still crappy.
- Kexts are not a thing. Touching the kernel means a third party developer can pretty much do anything they want. That’s just not cool any more. So System Extensions are more controllable and now we’ll have a...
|
Read more »
06:52
Notes from the Underground: Apple WWDC and You
Apple kicked off the annual WWDC conference yesterday and boy there was a flurry of information. There always is, but for people charged with managing Apple devices and vendors that support Apple devices there were some important releases. Some general themes to think about as you read through this list:
- Privacy is a thing. This includes securing files in the directories of a user by having the user accept a request to touch them (e.g. My Documents, er, I mean, Documents). This also means apps harvesting user data are doomed. The restrictions continue to flow in from iOS to the Mac. And that’s probably a good thing – as it helps keep people from getting taken advantage of. Because a global interconnected world has meant that crappy people are still crappy.
- Kexts are not a thing. Touching the kernel means a third party developer can pretty much do anything they want. That’s just not cool any more. So System Extensions are more controllable and now we’ll have a...
|
Read more »
06:52
Notes from the Underground: Apple WWDC and You
Apple kicked off the annual WWDC conference yesterday and boy there was a flurry of information. There always is, but for people charged with managing Apple devices and vendors that support Apple devices there were some important releases. Some general themes to think about as you read through this list:
- Privacy is a thing. This includes securing files in the directories of a user by having the user accept a request to touch them (e.g. My Documents, er, I mean, Documents). This also means apps harvesting user data are doomed. The restrictions continue to flow in from iOS to the Mac. And that’s probably a good thing – as it helps keep people from getting taken advantage of. Because a global interconnected world has meant that crappy people are still crappy.
- Kexts are not a thing. Touching the kernel means a third party developer can pretty much do anything they want. That’s just not cool any more. So System Extensions are more controllable and now we’ll have a...
|
Read more »
Monday June 3
12:00
See What’s New on Apple Platforms
Create seamless, intelligent, and engaging experiences with the Xcode 11 beta, which includes the SDKs for iOS 13, watchOS 6, tvOS 13, and macOS Catalina.
Learn more
|
Read more »
12:00
SwiftUI
SwiftUI is an innovative new way to build user interfaces across all Apple platforms, so you can create better apps with less code. With a declarative Swift syntax that's easy to read and natural to write, SwiftUI works seamlessly with new Xcode design tools to keep your code and design perfectly in sync. Automatic support for Dynamic Type, Dark Mode, localization, and accessibility means your first line of SwiftUI code is already the most powerful UI code you’ve ever written.
Learn more
|
Read more »
12:00
Bring Your iPad App to Mac
Now it’s incredibly simple to start building a native Mac app from your current iPad app. The beta version of Xcode 11 is all you need. Your Mac and iPad apps share the same project and source code, so any changes you make translate to both platforms. And your newly created Mac app runs natively, utilizing the same frameworks, resources, and even runtime environment as apps built just for Mac.
Learn more
|
Read more »
12:00
Sign In with Apple
Now users can sign in to your apps and websites with their Apple ID, and can even use Face ID or Touch ID. With privacy and security features, Sign In with Apple is a great way to help your users set up an account and get started right away.
Learn more
|
Read more »
12:00
Machine Learning
Core ML 3 seamlessly uses the CPU, GPU, and Neural Engine to provide maximum performance and efficiency, and lets you integrate the latest cutting-edge models into your apps. The new Create ML app lets you build, train, and deploy machine learning models with no machine learning expertise required. Take advantage of on-device model training and a gallery of curated models.
Learn more
|
Read more »
12:00
Augmented Reality
ARKit 3 delivers an incredible awareness of people with the ability to integrate human movement into your app, the new People Occlusion feature that lets AR content realistically pass behind and in front of people in the real world, and much more. It's easy to prototype and produce AR experiences with Reality Composer — a powerful new app that lets you easily create AR experiences, and RealityKit — a new high-level augmented reality framework.
Learn more
|
Read more »
12:00
Siri
Use the latest advances in Siri to provide an interactive voice experience with follow-up questions, additional shortcut customization, and audio content playback. Your apps can let Siri know when a user makes a reservation so Siri can remind them to check in, provide directions in Maps, add the event to Calendar, and more. And with the Shortcuts app built in to iOS 13, it's even faster for users to find, use, and combine shortcuts.
Learn more
|
Read more »
12:00
Feedback Assistant
You can now submit developer feedback and file bug reports to Apple using the native Feedback Assistant app for iOS and Mac, which features automatic on-device diagnostics, remote bug filing, more detailed bug forms, and more bug statuses. You can also use the Feedback Assistant website. Feedback Assistant replaces Bug Reporter.
Learn more
|
Read more »
12:00
Notarization Requirement for Mac Software
Mac apps, installer packages, and kernel extensions that are signed with Developer ID must also be notarized by Apple in order to run on macOS Catalina. This will help give users more confidence that the software they download and run, no matter where they get it from, is not malware by showing a more streamlined Gatekeeper interface.
Learn more
|
Read more »
12:00
Updates to the App Store Review Guidelines
The App Store is dedicated to the best store experience for everyone. In order to continue providing a safe experience for users and a great opportunity for developers to be successful, we sometimes need to update the App Store Review Guidelines.
Please note these summaries of the latest changes and see the App Store Review Guidelines for full details. All guidelines are now enforced for new and existing apps, unless otherwise indicated.
- Guidelines 1.3 and 5.1.4. In order to help keep kids’ data private, apps in the kids category and apps intended for kids cannot include third-party advertising or analytics software and may not transmit data to third parties. This guideline is now enforced for new apps. Existing apps must follow this guideline by September 3, 2019.
- Guideline 4.7. HTML5 games distributed in apps may not provide access to real money gaming, lotteries, or charitable donations, and may not...
|
Read more »
12:00
See What’s New on Apple Platforms
Create seamless, intelligent, and engaging experiences with the Xcode 11 beta, which includes the SDKs for iOS 13, watchOS 6, tvOS 13, and macOS Catalina.
Learn more
|
Read more »
12:00
SwiftUI
SwiftUI is an innovative new way to build user interfaces across all Apple platforms, so you can create better apps with less code. With a declarative Swift syntax that's easy to read and natural to write, SwiftUI works seamlessly with new Xcode design tools to keep your code and design perfectly in sync. Automatic support for Dynamic Type, Dark Mode, localization, and accessibility means your first line of SwiftUI code is already the most powerful UI code you’ve ever written.
Learn more
|
Read more »
12:00
Bring Your iPad App to Mac
Now it’s incredibly simple to start building a native Mac app from your current iPad app. The beta version of Xcode 11 is all you need. Your Mac and iPad apps share the same project and source code, so any changes you make translate to both platforms. And your newly created Mac app runs natively, utilizing the same frameworks, resources, and even runtime environment as apps built just for Mac.
Learn more
|
Read more »
12:00
Sign In with Apple
Now users can sign in to your apps and websites with their Apple ID, and can even use Face ID or Touch ID. With privacy and security features, Sign In with Apple is a great way to help your users set up an account and get started right away.
Learn more
|
Read more »
12:00
Machine Learning
Core ML 3 seamlessly uses the CPU, GPU, and Neural Engine to provide maximum performance and efficiency, and lets you integrate the latest cutting-edge models into your apps. The new Create ML app lets you build, train, and deploy machine learning models with no machine learning expertise required. Take advantage of on-device model training and a gallery of curated models.
Learn more
|
Read more »
12:00
Augmented Reality
ARKit 3 delivers an incredible awareness of people with the ability to integrate human movement into your app, the new People Occlusion feature that lets AR content realistically pass behind and in front of people in the real world, and much more. It's easy to prototype and produce AR experiences with Reality Composer — a powerful new app that lets you easily create AR experiences, and RealityKit — a new high-level augmented reality framework.
Learn more
|
Read more »
12:00
Siri
Use the latest advances in Siri to provide an interactive voice experience with follow-up questions, additional shortcut customization, and audio content playback. Your apps can let Siri know when a user makes a reservation so Siri can remind them to check in, provide directions in Maps, add the event to Calendar, and more. And with the Shortcuts app built in to iOS 13, it's even faster for users to find, use, and combine shortcuts.
Learn more
|
Read more »
12:00
Feedback Assistant
You can now submit developer feedback and file bug reports to Apple using the native Feedback Assistant app for iOS and Mac, which features automatic on-device diagnostics, remote bug filing, more detailed bug forms, and more bug statuses. You can also use the Feedback Assistant website. Feedback Assistant replaces Bug Reporter.
Learn more
|
Read more »
12:00
Notarization Requirement for Mac Software
Mac apps, installer packages, and kernel extensions that are signed with Developer ID must also be notarized by Apple in order to run on macOS Catalina. This will help give users more confidence that the software they download and run, no matter where they get it from, is not malware by showing a more streamlined Gatekeeper interface.
Learn more
|
Read more »
12:00
Updates to the App Store Review Guidelines
The App Store is dedicated to the best store experience for everyone. In order to continue providing a safe experience for users and a great opportunity for developers to be successful, we sometimes need to update the App Store Review Guidelines.
Please note these summaries of the latest changes and see the App Store Review Guidelines for full details. All guidelines are now enforced for new and existing apps, unless otherwise indicated.
- Guidelines 1.3 and 5.1.4. In order to help keep kids’ data private, apps in the kids category and apps intended for kids cannot include third-party advertising or analytics software and may not transmit data to third parties. This guideline is now enforced for new apps. Existing apps must follow this guideline by September 3, 2019.
- Guideline 4.7. HTML5 games distributed in apps may not provide access to real money gaming, lotteries, or charitable donations, and may not...
|
Read more »
Thursday May 30
18:05
About the security content of AirPort Base Station...
This document describes the security content of AirPort Base Station Firmware Update 7.9.1.
|
Read more »
13:30
About the security content of iOS 12.3
This document describes the security content of iOS 12.3.
|
Read more »
Wednesday May 22
10:12
Adding MIME Types To Support App Distribution On...
iOS Apps are .ipa files, which are compiled bundles of files that comprise an App on a device. By default, most web servers do have a handler that tells them what to do in the event that a call attempts to access one of these files. Therefore, in order to support downloading those files properly, you need to teach the server how to handle them.
First, let’s grab the MIME type from the Mac file command. To do so, run file with the, big surprise, –mime-type option and then the path to the file:
file --mime-type /Users/ce/Downloads/enrollmentProfile.mobileconfig
The output would be as follows, indicating that a file with the .mobileconfig extension has the application/octet-stream extension:
/Users/ce/Downloads/enrollmentProfile.mobileconfig: application/octet-stream
Since more and more apps are deep linking a plist into the app, we’ll also add a plist. The output on a Mac for the various file types is:
- .mobileconfig: text/xml or...
|
Read more »
10:12
Adding MIME Types To Support App Distribution On...
iOS Apps are .ipa files, which are compiled bundles of files that comprise an App on a device. By default, most web servers do have a handler that tells them what to do in the event that a call attempts to access one of these files. Therefore, in order to support downloading those files properly, you need to teach the server how to handle them.
First, let’s grab the MIME type from the Mac file command. To do so, run file with the, big surprise, –mime-type option and then the path to the file:
file --mime-type /Users/ce/Downloads/enrollmentProfile.mobileconfig
The output would be as follows, indicating that a file with the .mobileconfig extension has the application/octet-stream extension:
/Users/ce/Downloads/enrollmentProfile.mobileconfig: application/octet-stream
Since more and more apps are deep linking a plist into the app, we’ll also add a plist. The output on a Mac for the various file types is:
- .mobileconfig: text/xml or...
|
Read more »
10:12
Adding MIME Types To Support App Distribution On...
iOS Apps are .ipa files, which are compiled bundles of files that comprise an App on a device. By default, most web servers do have a handler that tells them what to do in the event that a call attempts to access one of these files. Therefore, in order to support downloading those files properly, you need to teach the server how to handle them.
First, let’s grab the MIME type from the Mac file command. To do so, run file with the, big surprise, –mime-type option and then the path to the file:
file --mime-type /Users/ce/Downloads/enrollmentProfile.mobileconfig
The output would be as follows, indicating that a file with the .mobileconfig extension has the application/octet-stream extension:
/Users/ce/Downloads/enrollmentProfile.mobileconfig: application/octet-stream
Since more and more apps are deep linking a plist into the app, we’ll also add a plist. The output on a Mac for the various file types is:
- .mobileconfig: text/xml or...
|
Read more »
Tuesday May 14
10:00
About the security content of macOS Mojave 10.14.5,...
This document describes the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra.
|
Read more »
Monday May 13
10:44
About the security content of watchOS 5.2.1
This document describes the security content of watchOS 5.2.1.
|
Read more »
Friday May 10
15:18
About the security content of tvOS 12.3
This document describes the security content of tvOS 12.3.
|
Read more »
Tuesday May 7
12:08
About the security content of Texture 4.22.0.4 for...
This document describes the security content of Texture 4.22.0.4 for Android.
|
Read more »
12:08
About the security content of Texture 5.11.10 for iOS
This document describes the security content of Texture 5.11.10 for iOS.
|
Read more »
Wednesday April 3
14:32
About the security content of watchOS 4
This document describes the security content of watchOS 4.
|
Read more »
14:30
About the security content of iOS 11
This document describes the security content of iOS 11.
|
Read more »
14:30
About the security content of tvOS 11
This document describes the security content of tvOS 11.
|
Read more »
14:29
About the security content of macOS High Sierra 10.13
This document describes the security content of macOS High Sierra 10.13.
|
Read more »
14:28
About the security content of macOS High Sierra 10....
This document describes the security content of macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan.
|
Read more »
14:26
About the security content of iCloud for Windows 7.8
This document describes the security content of iCloud for Windows 7.8.
|
Read more »
14:24
About the security content of iTunes 12.9.1 for...
This document describes the security content of iTunes 12.9.1 for Windows.
|
Read more »
14:03
About the security content of tvOS 12.1.1
This document describes the security content of tvOS 12.1.1.
|
Read more »
14:03
About the security content of Safari 12.0.2
This document describes the security content of Safari 12.0.2.
|
Read more »
14:02
About the security content of iTunes 12.9.2 for...
This document describes the security content of iTunes 12.9.2 for Windows.
|
Read more »
13:58
About the security content of iOS 12.1.3
This document describes the security content of iOS 12.1.3.
|
Read more »
13:56
About the security content of Safari 12.0.3
This document describes the security content of Safari 12.0.3.
|
Read more »
13:44
About the security content of watchOS 5.2
This document describes the security content of watchOS 5.2.
|
Read more »
Thursday December 6
23:10
About the security content of iOS 12.1.1
Monday May 3
09:17
iPad: How to transfer or sync content to your...
