UPDATE:
As I had predicted, Apple was up to their ears in bugs Apple
never sufficiently tested for and therefore Apple didn't find...
o Apple issues 11 security alerts – here's how to update
<
https://www.komando.com/news/apple-patches-11-security-flaws/740269/>
"Here's...Apple hardware and software in need of a critical security patch:
iOS 13.5 and iPadOS 13.5
iOS 12.4.7
macOS Catalina 10.15.5
Security Update 2020-003 for Mojave and High Sierra
tvOS 13.4.5
watchOS 6.2.5
watchOS 5.3.7
Safari 13.1.1 (this update is built into the Catalina fix)
iTunes 12.10.7 for Windows
iCloud for Windows 11.2
iCloud for Windows 7.19
Windows Migration Assistant 2.2.0.0"
o CVE-2019-20503:
*Not found by Apple*, found by Natalie Silvanovich of Google Project Zero
o CVE-2020-9800:
*Not found by Apple*, found by Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative
o CVE-2020-9801:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Microÿs Zero Day Initiative
o CVE-2020-9802:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9803:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9805:
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9806:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9807:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9843:
*Not found by Apple*, found by Ryan Pickren (
ryanpickren.com)
o CVE-2020-9850:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Microÿs Zero Day Initiative
o CVE-2019-20044:
*Not found by Apple*, found by Sam Foxman
o CVE-2020-3878:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-3882:
*Not found by Apple*, found by Andy Grant of NCC Group
o CVE-2020-9771:
*Not found by Apple*, found by Csaba Fitzl (@theevilbit) of Offensive Security
o CVE-2020-9772:
*Not found by Apple*, found by Allison Husain of UC Berkeley
o CVE-2020-9788:
*Not found by Apple*, found by Wojciech Regula of SecuRing (
https://wojciechregula.blog)
o CVE-2020-9789:
*Not found by Apple*, found by Wenchao Li of VARAS@IIE
o CVE-2020-9790:
*Not found by Apple*, found by Xingwei Lin of Ant-financial Light-Year Security Lab
o CVE-2020-9791:
*Not found by Apple*, found by Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
o CVE-2020-9792:
*Not found by Apple*, found by Andy Davis of NCC Group
o CVE-2020-9795:
*Not found by Apple*, found by Zhuo Liang of Qihoo 360 Vulcan Team
o CVE-2020-9797:
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9804:
*Not found by Apple*, found by Andy Davis of NCC Group
o CVE-2020-9808:
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9809:
*Not found by Apple*, found by Benjamin Randazzo (@____benjamin)
o CVE-2020-9811:
*Not found by Apple*, found by Tielei Wang of Pangu Lab
o CVE-2020-9812:
*Not found by Apple*, found by derrek (@derrekr6)
o CVE-2020-9813:
*Not found by Apple*, found by Xinru Chi of Pangu Lab
o CVE-2020-9814:
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9815:
*Not found by Apple*, found by Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
o CVE-2020-9816:
*Not found by Apple*, found by Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative
o CVE-2020-9817:
*Not found by Apple*, found by Andy Grant of NCC Group
o CVE-2020-9821:
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9822:
*Not found by Apple*, found by ABC Research s.r.o
o CVE-2020-9824:
*Not found by Apple*, found by Csaba Fitzl (@theevilbit) of Offensive Security
o CVE-2020-9825:
*Not found by Apple*, found by Sreejith Krishnan R (@skr0x1C0)
o CVE-2020-9826:
*Not found by Apple*, found by Dor Hadad of Palo Alto Networks
o CVE-2020-9827:
*Not found by Apple*, found by Jannik Lorenz of SEEMOO @ TU Darmstadt
o CVE-2020-9828:
*Not found by Apple*, found by Jianjun Dai of Qihoo 360 Alpha Lab
o CVE-2020-9830:
*Not found by Apple*, found by Tielei Wang of Pangu Lab
o CVE-2020-9831:
*Not found by Apple*, found by Yu Wang of Didi Research America
o CVE-2020-9832:
*Not found by Apple*, found by Yu Wang of Didi Research America
o CVE-2020-9833:
*Not found by Apple*, found by Yu Wang of Didi Research America
o CVE-2020-9834:
*Not found by Apple*, found by Yu Wang of Didi Research America
o CVE-2020-9837:
*Not found by Apple*, found by Thijs Alkemade of Computest
o CVE-2020-9839:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro¢s Zero Day Initiative
o CVE-2020-9841:
*Not found by Apple*, found by ABC Research s.r.o. working with Trend Micro Zero Day Initiative
o CVE-2020-9842:
*Not found by Apple*, found by Linus Henze (
pinauten.de)
o CVE-2020-9844:
*Not found by Apple*, found by Ian Beer of Google Project Zero
o CVE-2020-9847:
*Not found by Apple*, found by Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud (
bugcloud.360.cn)
o CVE-2020-9851:
*Not found by Apple*, found by Linus Henze (
pinauten.de)
o CVE-2020-9852:
*Not found by Apple*, found by Tao Huang and Tielei Wang of Pangu Lab
o CVE-2020-9855:
*Not found by Apple*, found by Zhongcheng Li(CK01) of Topsec Alpha Team
o CVE-2020-9856:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro¢s Zero Day Initiative
o CVE-2020-9857:
*Not found by Apple*, found by Dlive of Tencent Security Xuanwu Lab
o CVE-2020-3878:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9789:
*Not found by Apple*, found by Wenchao Li of VARAS@IIE
o CVE-2020-9790:
*Not found by Apple*, found by Xingwei Lin of Ant-financial Light-Year Security Lab
o CVE-2020-9800:
*Not found by Apple*, found by Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative
o CVE-2020-9802:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9803:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9805:
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9806:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9807:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9843:
*Not found by Apple*, found by Ryan Pickren (
ryanpickren.com)
o CVE-2020-9850:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro Zero Day Initiative
o CVE-2020-3878:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9789:
*Not found by Apple*, found by Wenchao Li of VARAS@IIE
o CVE-2020-9790:
*Not found by Apple*, found by Xingwei Lin of Ant-financial Light-Year Security Lab
o CVE-2020-9800:
*Not found by Apple*, found by Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative
o CVE-2020-9802:
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9803:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9805:
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9806:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9807:
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9843:
*Not found by Apple*, found by Ryan Pickren (
ryanpickren.com)
o CVE-2020-9850:
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro Zero Day Initiative
o CVE-2020-9858:
*Not found by Apple*, found by Csaba Fitzl of Offensive Securityo CVE-2019-20503
*Not found by Apple*, found by Natalie Silvanovich of Google Project Zero
o CVE-2020-3878
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-6616
*Not found by Apple*, found by Jorn Tillmanns (@matedealer) and Jiska Classen (@naehrdine) of Secure Mobile Networking Lab
o CVE-2020-9789
*Not found by Apple*, found by Wenchao Li of VARAS@IIE
o CVE-2020-9790
*Not found by Apple*, found by Xingwei Lin of Ant-financial Light-Year Security Lab
o CVE-2020-9791
*Not found by Apple*, found by Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
o CVE-2020-9792
*Not found by Apple*, found by Andy Davis of NCC Group
o CVE-2020-9795
*Not found by Apple*, found by Zhuo Liang of Qihoo 360 Vulcan Team
o CVE-2020-9797
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9800
*Not found by Apple*, found by Brendan Draper (@6r3nd4n) working with Trend Micro Zero Day Initiative
o CVE-2020-9802
*Not found by Apple*, found by Samuel Gross of Google Project Zero
o CVE-2020-9803
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9805
*Not found by Apple*, found by an anonymous researcher
o CVE-2020-9806
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9807
*Not found by Apple*, found by Wen Xu of SSLab at Georgia Tech
o CVE-2020-9808
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9809
*Not found by Apple*, found by Benjamin Randazzo (@____benjamin)
o CVE-2020-9811
*Not found by Apple*, found by Tielei Wang of Pangu Lab
o CVE-2020-9812
*Not found by Apple*, found by derrek (@derrekr6)
o CVE-2020-9813
*Not found by Apple*, found by Xinru Chi of Pangu Lab
o CVE-2020-9814
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9815
*Not found by Apple*, found by Yu Zhou (@yuzhou6666) working with Trend Micro Zero Day Initiative
o CVE-2020-9816
*Not found by Apple*, found by Peter Nguyen Vu Hoang of STAR Labs working with Trend Micro Zero Day Initiative
o CVE-2020-9818
*Not found by Apple*, found by ZecOps.com
o CVE-2020-9819
*Not found by Apple*, found by ZecOps.com
o CVE-2020-9820
*Not found by Apple*, found by Thijs Alkemade of Computest
o CVE-2020-9821
*Not found by Apple*, found by Xinru Chi and Tielei Wang of Pangu Lab
o CVE-2020-9823
*Not found by Apple*, found by Suryansh Mansharamani, student of Community Middle School, Plainsboro, New Jersey
o CVE-2020-9825
*Not found by Apple*, found by Sreejith Krishnan R (@skr0x1C0)
o CVE-2020-9826
*Not found by Apple*, found by Dor Hadad of Palo Alto Networks
o CVE-2020-9827
*Not found by Apple*, found by Jannik Lorenz of SEEMOO @ TU Darmstadt
o CVE-2020-9829
*Not found by Apple*, found by Aaron Perris (@aaronp613), an anonymous researcher, an anonymous researcher, Carlos S Tech, Sam Menzies of Sam¢s Lounge, Sufiyan Gouri of Lovely Professional University, India, Suleman Hasan Rathor of Arabic-Classroom.com
o CVE-2020-9835
*Not found by Apple*, found by Olivier Levesque (@olilevesque)
o CVE-2020-9837
*Not found by Apple*, found by Thijs Alkemade of Computest
o CVE-2020-9838
*Not found by Apple*, found by Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab
o CVE-2020-9839
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro¢s Zero Day Initiative
o CVE-2020-9842
*Not found by Apple*, found by Linus Henze (
pinauten.de)
o CVE-2020-9843
*Not found by Apple*, found by Ryan Pickren (
ryanpickren.com)
o CVE-2020-9844
*Not found by Apple*, found by Ian Beer of Google Project Zero
o CVE-2020-9848
*Not found by Apple*, found by Nima
o CVE-2020-9850
*Not found by Apple*, found by @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro Zero Day Initiative
o CVE-2020-9852
*Not found by Apple*, found by Tao Huang and Tielei Wang of Pangu Lab
etc.
I got tired of listing them, there are so many, where the obvious point
is that Apple was up to their ears in bugs Apple didn't test for
and hence, clearly, Apple didn't find.
--
Ever wonder why Apple has so many bugs & yet MARKETING claims otherwise?