Apple special event: September 2020

Apple is hosting a special event on Wednesday Tuesday, September 15, 2020, at 10 a.m. Pacific Time. They’ve not released one shred of information on the topic. The logo for the event,

Infinite loop Apple logo

is an infinitely-looping ribbon that forms the Apple logo. This is also a nice pun on the formal address for Apple’s old headquarters, 1 Infinite Loop, Cupertino, California.

Speculation, based on next to nothing, suggests it might be focused on a new Apple Watch and a new iPad Air. Exactly how a looping blue ribbon relates to watches or iPads is unknown. It is also speculated that Apple will announce formal release dates for macOS 11 Big Sur, iOS 14, iPadOS 14, watchOS 7, and tvOS 14.

You can watch the event by going here:

https://www.apple.com/apple-events/

or by using your Apple TV and the Apple Events app to watch it on your TV.

Books about Macs Black Friday sale

In recent meetings, we’ve mentioned Take Control Books. Originally done as an offshoot of one of the first Macintosh mailing lists (established in 1984), Take Control Books are electronic books dealing with mostly Mac-centric topics, such as macOS, Photos, Pages, etc.

Take Control Books is having a “Black Friday” sale on some of their most important books, including several mentioned in recent meetings. While I haven’t read most of these, I do have quite a few of their books, and highly recommend them. They cover critical Mac topics quite well.

Here is the announcement of their sale, with links:

✩✩✩

The sale is on! From now through next Monday, December 2, we’re having a Black Friday/Cyber Monday sale—50% off on our most recent releases. No coupon or special links are required.

Here are the books that are on sale:

Connect and Secure Your iPhone and iPad
Take Control of Automating Your Mac
Take Control of Calendar and Reminders
Take Control of Catalina
Take Control of iOS 13 and iPadOS 13
Take Control of macOS Media Apps
Take Control of Notes
Take Control of Photos
Take Control of Upgrading to Catalina
Take Control of Wi-Fi Networking and Security
Take Control of Your Apple ID
Take Control of Your Browser
Take Control of Your Digital Photos

The sale ends promptly at midnight on Monday, December 2 (Pacific time).

✩✩✩

They have a large number of books available, covering almost any Mac or iOS topic you can imagine: https://www.takecontrolbooks.com/catalog/

The nice thing about their books: because they are electronic, you can find a book you want, buy it, download it, and be reading it almost immediately. Books are available in ePub (iPad and iPhone), Mobi (Kindle), and PDF (Acrobat) format.

September 2019: macOS Catalina Preview

The September 17, 2019 meeting of Strait Macintosh User Group focused on macOS Catalina 10.15. The meeting was held at the Sequim Library, 630 N. Sequim Ave., Sequim, WA. Notes by Secretary Kathleen Charters.

Business Meeting

Meeting called to order at 7 p.m. by President Sabrina Davis.

Sabrina welcomed new members and reviewed the group’s finances. In July, dues were set at $24 per family per year. Using dues collected at the July 2019 meeting, treasurer Annalis Schutmann and Secretary Kathleen Charters opened a checking account for SMUG, with a beginning balance of $414. After checks and other fees, this left the group with a balance of $386.

Vice President Lawrence Charters requested that we spend a large portion of this money to finish setting up the SMUG website on WordPress.com. While the site is working as designed, hosted for free, there are limits on what you can do with a free site: you can’t use a custom domain name (every WordPress.com site is going to end in xxx.wordpress.com), there is no technical support, there are severe limits on how much server space you can use, there are limits on how much you can customize a site, you cannot keep WordPress.com from posting ads on the site, you can’t link to social media, etc. The cost for all of this would be less than $150/year, though how much less is not certain.

There are alternatives, with the same benefits for less than $100/year. One big advantage of using WordPress.com: everything can be built and administered with only a web browser. There is no need for specialized software, no arcane knowledge of Unix or HTTP or PHP or various other odd combinations of letters, numbers and symbols, and multiple people can help populate the site with content.

There was a discussion about reusing the existing SMUG domain, straitmac.org. The site domain registration runs out in April 2020 [at the meeting, it was thought it might be December 2019, but checking, it is 4/4/2020], and the site is hosted on plypen.com. Olypen told SMUG last year that they could not support many of the features SMUG wanted without a doubling of the $100/year price.

Hosting the site elsewhere (GoDaddy, Blue Host, etc.) would be less expensive, but would require a higher level of technical knowledge, and while this wouldn’t be a problem for Lawrence, the group felt more comfortable with the idea that wordpress.com required “only a web browser,” with WordPress.com caring for the updates and infrastructure. The motion to spend the money to build out the site on wordpress.com was moved, seconded, and passed unanimously.

Sabrina asked if it would be possible to post ads to buy, sell or trade Macs and iPhones on the site, and Lawrence cautioned that, as SMUG is a non-profit, the organization has to refrain from activities that might appear to be commercial. The group discussed alternatives (Craigslist, Next Door, etc.), including possibly using the group email list. Some members expressed concern about using the email list as “one person’s ad is someone else’s spam.”

A visitor asked how to become a member, and what, exactly, SMUG did. The answer (from a number of people) was: Strait Macintosh User Group (SMUG) is a non-profit organization that meets monthly or, sometimes, bi-monthly, and discusses Macintosh hardware and software, iPhone hardware and software, iPad hardware and software, Apple Watch hardware and software, etc. Family memberships are $24 per year. At present, the major expense will probably be the website. Currently, meetings are in Sequim, but there have been some requests to hold meetings in Port Angeles. A message will be sent out to the mailing lists asking about interest in holding Port Angeles meetings.

Topics suggested for future meetings:

  • How to organize files
  • Introduction to Google Drive, Docs, Sheets, Google Keep
  • How to securely configure a Mac
  • How to securely configure an iPhone

Presentation: Preview of macOS Catalina

At Apple’s Special Event on September 10, 2019 (you can see the entire video on Apple’s site https://www.apple.com/apple-events/september-2019/), Apple said Catalina would be out “in October,” with nothing more specific. iOS 13 and watchOS 6 will be out September 19, and Apple TV 6 and iPad OS 13 (really, the first version, but apparently it will be called 13) should be out the last week of September.

Apple’s event was only focused on hardware and services, introducing new phones, watches, and an iPad, plus a brief review of Apple TV+ and Apple Arcade. Yet even though Catalina was only mentioned in passing, it is a huge advance for macOS, as it will be the first version of any Mac operating system that is 64-bit only; it will not run 32-bit software, or (for that matter), 16-bit or 8-bit. This is a security measure, and a powerful one.

Moving to 64-bit was first pioneered by iOS 11 on the iPhone and iPad. Since that time, iOS devices use only a 64-bit ARM processor and run only 64-bit software. These steps not only made iPhones and iPads faster, but also more secure, for reasons that are very real if a bit hard to explain. Catalina’s move to support just 64-bit processors and 64-bit applications should also see an increase in speed and efficiency, as well as security.

Lawrence did not advise anyone to install the beta of Catalina, unless they happened to have a Mac they are willing to erase at some point. Significant parts of the operating system are still in test. For one thing, any 32-bit applications they have will simply not work. Lawrence demonstrated this by showing that the scanning software he used for his scanner is dead (the manufacturer has released an entirely new suite to replace it), and Apple’s Aperture photo management software is — dead.

Aside: Asked what he uses instead of Aperture, Lawrence said that Apple’s “replacement” for Aperture was Apple Photos, which is free to everyone with a compatible Mac. Apple Photos is quite good, but Lawrence went a different route, and is now using Adobe Lightroom. For people who don’t have tens of thousands of photos, Apple Photos (available for Macs, iPhones, and iPads) is probably more than adequate.

Lawrence then demonstrated one huge advance in Catalina: all user data is on its own disk partition, separate from the operating system. Putting the operating system on its own partition, and then severely limiting access to that partition, vastly improves security. Lawrence demonstrated this by booting into Recovery Mode, launching Disk Utility from the Recovery Partition, and then showing the three partitions of the drive: the Recovery partition, the operating system partition, and the user data partition.

macOS Catalina puts the operating system in its own partition (on this machine, the partition named "Portacray"), separate from all user data (the highlighted "Portacray-Data" partition). The partition used for the Recovery Partition is at the bottom, "macOS Base System."
macOS Catalina puts the operating system in its own partition (on this machine, the partition named “Portacray”), separate from all user data (the highlighted “Portacray-Data” partition). The partition used for the Recovery Partition is at the bottom, “macOS Base System.” Click on the image for a closer look.

As soon as Catalina comes out, Lawrence intends to put it on all his machines except one (and that machine, a Mac mini, is too old to support it, anyway).

Speaking of the Recovery Partition, Lawrence strongly encouraged everyone to learn how to use the Recovery Partition before they had an emergency. The Recovery Partition allows you to launch Disk First Aid (to check the hard drive), to reinstall macOS, to restore a drive from a Time Machine backup, to get help online (the Recovery Mode can use Ethernet or Wi-Fi to reach the Internet), to use Network Utility to check network connection, and to use Terminal to use command-line utilities and diagnostics. Booting the Recovery Partition is easy: restart the machine and hold down ⌘ and R until you see the Apple logo or a spinning globe. More information on the Recovery Partition can be found on Apple’s website at https://support.apple.com/en-us/HT201314

Not all Macs are compatible with Catalina. For a complete list, see Apple’s listing at https://support.apple.com/en-us/HT210222

Macs compatible with macOS Catalina, from Apple's website.
Macs compatible with macOS Catalina, from Apple’s website.

Aside: Lawrence was asked how to tell which model Mac you might have, since Apple tends to call all their Macs by certain broad names. In order to see what model you have, go to the Apple Menu, select About This Mac, and your Mac’s model and model year will appear.

Under the Apple Menu, About This Mac will tell you what model Macintosh you are using. In this case, the Mac is an iMac 21.5 inch, 2017.
Under the Apple Menu, About This Mac will tell you what model Macintosh you are using. In this case, the Mac is an iMac 21.5 inch, 2017.

Even if you do not plan to upgrade to Catalina, you should immediately go to the Apple App Store and download macOS Mojave. Once Catalina is released, Mojave will not be offered on the App Store for download.

And if you do not think you want to install Catalina, reconsider. With Catalina’s release, Apple will also release acknowledgment of various bugs and vulnerabilities patched in Catalina, and thank the developers who found them. Hackers will immediately use this list of bugs to start attacking Macs that have not been updated.

If you have an older machine that cannot be updated, considering retiring it, and getting a new Mac. Or at least getting a newer Mac. Older Macs that are compatible with Catalina are available from various resellers, or from an individual wanting a newer machine.

As mentioned earlier, Catalina will not launch 32-bit applications; only 64-bit applications. Before installing, you should check for all 32-bit programs on your machine. There are two ways to do this, one easy and another a bit more difficult. The easy way: St. Clair Software has released a free program, Go64, which will inventory every application on your machine and present a nice, neat listing of applications that are 32-bit, 64-bit, or a mixture of both. The listing is sortable, and includes the website of the developer, in case you want to go and check to see if an application has a newer, 64-bit version available. You can get Go64 here: https://www.stclairsoft.com/Go64/

The slightly more difficult way is also free. Go to your Mac’s Apple menu, select About This Mac, press the button called System Report, scroll down to the bottom, where Software is listed, select Applications, and then – wait a bit. Your Mac will build a listing of every application on your machine, and the right-most column, labeled 64-bit, will show a Yes if something is 64-bit and No if something is not. The columns are sortable, so click on the 64-bit column heading to clump all the “No” responses together. This isn’t quite as easy to use as Go64, but it is built right into your Mac.

Lawrence wanted to demonstrate a neat new feature of macOS Catalina and the new iPadOS: the ability to use an iPad as an additional screen for your Mac. Not only can you use an iPad as an additional screen, but you can draw on the iPad, and then use your drawing on the Mac (assuming the iPad and Mac have programs that are compatible with one another). This new capability is called SideCar.

Unfortunately, Lawrence’s MacBook Pro is new enough to support Catalina, but too old to support SideCar. The list of supported Macs is fairly short:

  • 27-inch iMac (Late 2015 or newer)
  • iMac Pro
  • MacBook Pro (2016 or newer)
  • MacBook Air (2018)
  • 12-inch MacBook (early 2016 or newer)
  • Mac mini (2018)
  • Mac Pro (2019)

In addition to the speed and security improvements, Catalina also comes with some revamped applications:

  • Reminders – brings some nice improvements, but Lawrence did not test it as the first thing it did was prompt him to upgrade a whole bunch of devices to iOS 13 and Catalina, which really aren’t out yet.
  • Notes: Catalina adds a nice thumbnail gallery view, which is considerably more useful than the current listing of first lines of notes.
  • Find my: this new application replaces Find iPhone and Find Friends, and now works on iPads, iPhones, and Macs. It works by mapping device locations to the closest Internet access point, which may be a Wi-Fi router in a home or a mobile telephone tower on a different continent.
  • Music: iTunes has been split apart, into a new Music application and a separate Podcast application. This closely matches changes introduced on iPhones and iPads.
  • Apple TV: an Apple TV app was added to iOS last year, and now it is available on the Mac, too. It supports Apple’s new streaming service Apple TV+, and also handles any movies you may have purchased through iTunes. Note: it does not provide local broadcast TV service. For that, look at something like YouTube TV, from Google, https://tv.youtube.com/

Lawrence recommended not connecting Macs running older operating systems to the Internet. Want to use them for playing non-Internet games? Fine. Want to use them for scanning things using an old scanner? Fine. But keep them off the Internet; no email, no web browsing. Virtually all Mac security compromises come from email or web browsing.

One individual stated that he connects multiple hard drives to their Mac, with different operating systems, allowing them to “revert” to an older operating system just by rebooting. Lawrence strongly recommended not to do this. When you boot an operating system from disk, the operating system changes how your Mac uses memory, changes what is in memory, changes how it accesses and stores things on disk, and, in newer operating systems, also encrypts memory. Switching between operating systems on the same Mac runs a high risk of corrupting data on the hard drive and losing everything stored on a drive, without hope of recovery.

One way to maintain old operating systems safely: Parallels. Parallels Desktop for Mac ($79.99) allows you to create “virtual” machines that run on your Mac. You can run Windows 10 (you still need a copy of Windows 10), Linux (you can download Linux for free), or older versions of macOS. These operating systems will run on “top” of Catalina, which was the inspiration for the name Parallels. https://www.parallels.com/products/desktop/

Lawrence was asked about Fusion, which is another software virtualization tool. Fusion is popular with system administrators because most of them are trained in Windows, and VMWare (which makes Fusion) also makes one of the most popular virtualization packages for running on Windows machines. And there is the problem: Fusion is not as fast as Parallels, and is not particularly Mac-like. But it does work. https://www.vmware.com/products/fusion.html

The meeting ended with a Question and Answer session. The rule for this section: the question and the answer should be something that can reasonably be asked in three to five minutes.

Questions and Answers

Q: How do you turn off storing the location of a photo on a specific photo? I don’t want that information uploaded with photos to social media.

A: The iPhone stores the location of where a photo was taken (or at least a guess) inside of every photo as GPS metadata. This is a good thing, as it helps you remember what and where you were when you are sorting through photos. Rather than turn on and off this setting on specific photos, it is much easier to simply remove the metadata from photos with an application. The Apple Mac App Store has free utilities to remove metadata; search for “remove photo exif” data and you should find several.

Q: What should I do if a machine is sluggish?

A: First thing: check hard drive health. Use ⌘-spacebar to bring up a search box on your Mac, type in “disk utility” and press enter. This will find and launch Disk Utility. Click on the first tab, First Aid, and have Disk Utility check your hard drive to see if the directory is healthy. If you see any errors, have Disk Utility fix them. If Disk Utility cannot, seek professional assistance.

Beyond that: most people think their computer is sluggish because their Internet connection is slow. A great many things, even searching your hard drive, trigger connecting to the Internet, and if your Internet connection is slow or unreliable, your computer will seem sluggish.

Another common problem specific to web browsers: cache bloat. Your web browser stores bits and pieces of websites on your machine, to increase the apparent speed of sites that you visit over and over. After a while, you end up with thousands, or tens of thousands, of small web bits and pieces on your computer, and it takes a while for your browser to sort through all that stuff. Cleaning the cache can not only speed up your browser, but also recover gigabytes of disk space. Note: emptying the cache may also delete cookies, and if you commonly have your browser store your password, this could keep you out of some websites.

Speeding up Apple Mail: empty out your Junk folder. Some people have tens of thousands of messages in Junk Mail. Empty it. Clearing out Junk Mail and deleting old messages greatly reduces the amount of stuff that Mail has to sort through, and speeds it up immensely.

Don’t store stuff on your Desktop. It is OK to have a document or three, but some people literally cover their desktop with documents and other things. Each time your Mac boots, or you interact with the Desktop, your Mac must sort through all that stuff.

Q: Should I wait for phones with 5G before upgrading my iPhone?

A: 5G doesn’t really exist, despite what commercials on TV might suggest. If and when 5G is deployed, it will appear in large cities long before it appears in Clallam County or Sequim. If you need a new iPhone or iPad, don’t worry about the semi-mythical high-speed 5G services; you won’t miss them, probably for several years.

Similarly, don’t worry about computers or routers supporting Wi-Fi 6. In theory, Wi-Fi 6 is 40% faster than Wi-Fi 5 (previously called 802.11ac). For virtually all of us, our home Wi-Fi router can provide far, far faster speeds than our ISP (Internet Service Provider) can support. In Clallam, most people have broadband Internet speeds of 5 to 10 Mbps (megabits per second). A Wi-Fi 5 router can support speeds of up to several gigabits per second – until it hits your ISP’s cable box, at which point it will be literally a thousand times slower.

Q: Can you use Wi-Fi to improve phone reception?

A: Yes, sometimes. Both AT&T and Verizon support what they call “Wi-Fi calling.” This essentially uses your home’s Wi-Fi and your ISP’s cable service to help send and receive phone calls. You can turn this on under Settings > Cellular > Wi-Fi Calling > On. It doesn’t cost anything extra, and for some people, it may be the only way to get mobile phone service in your home or office.

Q: [General question about 911 service and emergencies.]

A: Several people noted that the Great Washington Shakeout will be held October 17. This is a state-wide, voluntary exercise to prepare an emergency plan for your home and office, and test it on October 17. Given that Clallam County is at the edge of the Cascadia Subduction Zone, and that Clallam has limited access (due to a floating bridge, mountains, an ocean, and few highways), and no electrical power is generated on the peninsula, and the nearest large city is in another nation, and … generally speaking, you should check out the website and participate in the exercise: https://www.shakeout.org

Next meeting

The group decided the October 15 meeting would be on Securely Configuring macOS Catalina. Most of what will be presented also applies to Mojave, High Sierra, and Sierra, in case you haven’t upgraded by then.

The meeting will be at the Sequim Public Library, and begin at 7 p.m.

Note: SMUG received some email messages about the meeting starting “before 7 p.m.” It was explained that, during meeting setup from 6:30-7 p.m., those present did engage in technical gossip about Macs, iPhones, Apple TV, and other things, but the meeting itself didn’t start until 7 p.m., and the presentation started around 7:15. If you arrive early and want to talk about “Mac stuff,” that is fine, but the meeting and program start at 7 p.m.

Coming soon

Coming soon

Apple WWDC19 was full of wonders

Apple’s World Wide Developer Conference (WWDC) was held earlier today, and Apple made a number of announcements:

New Mac Pro is a highly customizable box.
The new Mac Pro is endlessly customizable, offering huge amounts of memory, storage, video power, etc. There is even a rack-mounted version, in case you want a small herd of these for crunching vast herds of bits and bytes.
  • iOS 13 is aimed at being much faster, even on existing hardware, and is bringing Dark Mode to the small screen, along with outstanding security and privacy;
  • iPad software is being split off from the iPhone to a new iPadOS, with features that take advantage of the vastly larger screen;
  • the Mac Pro returns, in a powerful 28-core monster;
  • Apple returns to the display business with an exotic Pro Display XDR;
  • watchOS 6 will add new health and fitness metrics and capabilities, and new watch faces;
  • tvOS 13 will allow multiple user profiles, so you can watch what you want, and listen to what you want;
  • macOS Catalina returns to the California coast, and splits iTunes apart with separate apps for Apple Music, podcasts, and Apple TV;
  • another huge change to macOS Catalina is Sidecar, a built-in capability to use your iPad as an additional screen of your Mac, and use iPad capabilities — such as the pen — with your Mac;
  • accessibility changes, to macOS, iOS, and iPadOS, promise to vastly expand what can be done by those with vision, hearing, or mobility limitations, including both the very young and the very old.
iPadOS showing Dark Mode and something more than apps on the home screen.
New iPadOS showing Dark Mode and the ability to display information on the home screen.

You can watch the keynote (a bit more than two hours) here.

Tapping the Apple Watch face will soon allow you to record a voice memo.
Soon you will be able to record a voice memo on your Apple Watch with just a tap.

Most people will never own a Mac Pro; fully equipped with the new Pro Display XDR, you could buy a decent car — a new car — for the same price, or less. But almost everyone with an Apple device will benefit from iOS 13, iPadOS, tvOS 13, watchOS 6, and macOS Catalina. In particular, the accessibility features, and the vastly expanded iPad capabilities, are worth a long, thoughtful look. And the security and privacy features built into the new operating systems — all the operating systems — are extraordinary.

The programming tools will roll out immediately, with the finished iPhone, iPad, watch, TV, and Mac operating systems coming out in the fall. The Mac Pro and Pro Monitor will be out “this fall,” but you can sign up to be notified when they are getting close.

An iPhone Note in Dark Mode, with an option to send an email notification directly from the Note.
iPhone Notes in Dark Mode, with the option of sending an email notification directly from the note.

Since this is the World Wide Developers conference, there was also a presentation on coding, and it was impressive. While GUI (Graphical User Interface) programming has been touted for a couple decades, the reality is that complex programming is almost entirely based on thousands, or millions, of lines of text-only code. But with the forthcoming Xcode 11, you really can drag-and-drop large chunks of graphical elements, and large chunks of code, into your application code. And Apple has vastly reduced the code barriers between macOS and iOS apps with new technology that lets you very quickly, and fairly painlessly, transform an iOS app into a Macintosh application in just a few days.

Xcode 11 will offer drag-and-drop programming, and you can code for a Watch, Apple TV, Mac, iPad or iPhone by just selecting an option at the start of the project -- and little more.
Code on the left, with a live preview of the result on the right, compliments of the new Xcode 11.

tvOS 12.3 security update

Apple released a security update for Apple TV, tvOS 12.3, on May 13, 2013. You can subscribe to Apple security announcements at https://lists.apple.com/mailman/listinfo/security-announce/


APPLE-SA-2019-5-13-3 tvOS 12.3

tvOS 12.3 is now available and addresses the following:

AppleFileConduit
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8593: Dany Lisiansky (@DanyL931)

CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted movie file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8585: riusksk of VulWar Corp working with Trend Micro’s Zero
Day Initiative

Disk Images
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological
University

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2019-8605: Ned Williamson working with Google Project Zero

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8576: Brandon Azad of Google Project Zero, unho Jang and
Hanul Choi of LINE Security Team

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to cause unexpected system
termination or write kernel memory
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-8591: Ned Williamson working with Google Project Zero

MobileInstallation
Available for: Apple TV 4K and Apple TV HD
Impact: A local user may be able to modify protected parts of the
file system
Description: A validation issue existed in the handling of symlinks.
This issue was addressed with improved validation of symlinks.
CVE-2019-8568: Dany Lisiansky (@DanyL931)

MobileLockdown
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to gain root privileges
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8637: Dany Lisiansky (@DanyL931)

SQLite
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to gain elevated privileges
Description: An input validation issue was addressed with improved
memory handling.
CVE-2019-8577: Omer Gull of Checkpoint Research

SQLite
Available for: Apple TV 4K and Apple TV HD
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-8600: Omer Gull of Checkpoint Research

SQLite
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read restricted memory
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8598: Omer Gull of Checkpoint Research

SQLite
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2019-8602: Omer Gull of Checkpoint Research

sysdiagnose
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo)

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-6237: G. Geshev working with Trend Micro Zero Day
Initiative, Liu Long of Qihoo 360 Vulcan Team
CVE-2019-8571: 01 working with Trend Micro’s Zero Day Initiative
CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_)
of Tencent Keen Lab, and dwfault working at ADLab of Venustech
CVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero
Day Initiative
CVE-2019-8586: an anonymous researcher
CVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security &
Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab
CVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero
Day Initiative
CVE-2019-8596: Wen Xu of SSLab at Georgia Tech
CVE-2019-8597: 01 working with Trend Micro Zero Day Initiative
CVE-2019-8601: Fluoroacetate working with Trend Micro’s Zero Day
Initiative
CVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8609: Wen Xu of SSLab, Georgia Tech
CVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative
CVE-2019-8611: Samuel Groß of Google Project Zero
CVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro’s
Zero Day Initiative
CVE-2019-8619: Wen Xu of SSLab at Georgia Tech and
Hanqing Zhao of Chaitin Security Research Lab
CVE-2019-8622: Samuel Groß of Google Project Zero
CVE-2019-8623: Samuel Groß of Google Project Zero
CVE-2019-8628: Wen Xu of SSLab at Georgia Tech and
Hanqing Zhao of Chaitin Security Research Lab

Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: A device may be passively tracked by its WiFi MAC address
Description: A user privacy issue was addressed by removing the
broadcast MAC address.
CVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt

Additional recognition

CoreFoundation
We would like to acknowledge Vozzie and Rami and m4bln, Xiangqian
Zhang, Huiming Liu of Tencent’s Xuanwu Lab for their assistance.

Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
an anonymous researcher for their assistance.

MediaLibrary
We would like to acknowledge Angel Ramirez and Min (Spark) Zheng,
Xiaolong Bai of Alibaba Inc. for their assistance.

MobileInstallation
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
“Settings -> System -> Software Update -> Update Software.”

To check the current version of software, select
“Settings -> General -> About.”

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222