Apple patches vulnerabilities in iWork

Apple released an update for iWork 9.0 through 9.0.5 which fixes three vulnerabilities which could potentially be used to perform malicious actions.

The new version, 9.1, fixes a buffer overflow which could lead to unexpected program termination and also arbitrary code execution and a memory corruption in handling Excel  and Word documents which if used in specially crafted files can terminate the program and execute arbitrary code.

These vulnerabilities can have serious effects on the security of the system and we strongly advise to update your products.

The iWork 9.1 Update is available via the Apple Software Update
application, or  Apple’s Software Downloads website.

 

Sorin Mustaca

Data Security Expert