Jamf Blog

Posts in the Jamf Threat Labs Category

May 17, 2019 by Jamf Threat Labs

Suspected Bug Collision: iOS/OSX Content Filter Kernel UAF Analysis + POC

The iOS 12.3/MacOS 10.14.5 version was released on May 13th, 2019. This update patched a Use-After-Free vulnerability in the XNU kernel that Jamf Threat Labs team independently discovered in early May 2019. However, at the time of writing, the Jamf team is not aware whether a CVE was assigned to this vulnerability since it was patched during our preparations to disclose this vulnerability to Apple.

March 24, 2019 by Jamf Threat Labs

CVE-2019-7286 Part II: Gaining PC Control

Following our previous blog post “Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286” we discussed the details of CVE-2019-7286 vulnerability – a double-free vulnerability that was patched in the previous release of iOS and was actively exploited in the wild. There is no public information about this vulnerability.

March 12, 2019 by Jamf Threat Labs

Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286 - Jamf Threat Labs

Learn about the four vulnerabilities patched in iOS 12.1.4, two of which were exploited in the wild as zero days, according to Project Zero's Ben Hawkes. Join Threat Labs as they analyze and reveal more details about these vulnerabilities.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.