[情報] IOS 10.2.1 更新內容 kyle5241 PTT批踢踢實業坊

[情報] IOS 10.2.1 更新內容

作者: kyle5241 (kyle) 2017-01-24 05:30:37

https://support.apple.com/en-us/HT207482
This document describes the security content of iOS 10.2.1.
iOS 10.2.1
Released January 23, 2017
Auto Unlock 自動解鎖問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：當Apple watch離開你的手時仍然會自動解鎖
Impact: Auto Unlock may unlock when Apple Watch is off the user's wrist
Description: A logic issue was addressed through improved state management.
CVE-2017-2352: Ashley Fernandez of raptAware Pty Ltd
Contacts 聯絡人問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：惡意的聯絡人資料卡可能造成程式中止
Impact: Processing a maliciously crafted contact card may lead to unexpected
application termination
Description: An input validation issue existed in the parsing of contact
cards. This issue was addressed through improved input validation.
CVE-2017-2368: Vincent Desmurs (vincedes3)
Kernel 內核
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：程式利用內核的特殊權限任意執行程式碼
Impact: An application may be able to execute arbitrary code with kernel
privileges
Description: A buffer overflow issue was addressed through improved memory
handling.
CVE-2017-2370: Ian Beer of Google Project Zero
Kernel 內核
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：程式利用內核的特殊權限任意執行程式碼
Impact: An application may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed through improved memory
management.
CVE-2017-2360: Ian Beer of Google Project Zero
libarchive 資料庫封存問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：打開惡意產生的封包可能導致程式碼任意執行
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code
execution
Description: A buffer overflow issue was addressed through improved memory
handling.
CVE-2016-8687: Agostino Sarubbo of Gentoo
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致別的來源的資料流出
Impact: Processing maliciously crafted web content may exfiltrate data
cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2350: Gareth Heyes of Portswigger Web Security
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致執行任何程式碼
Impact: Processing maliciously crafted web content may lead to arbitrary code
execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2354: Neymar of Tencent's Xuanwu Lab (tencent.com) working with
Trend Micro's Zero Day Initiative
CVE-2017-2362: Ivan Fratric of Google Project Zero
CVE-2017-2373: Ivan Fratric of Google Project Zero
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致執行任何程式碼
Impact: Processing maliciously crafted web content may lead to arbitrary code
execution
Description: A memory initialization issue was addressed through improved
memory handling.
CVE-2017-2355: Team Pangu and lokihardt at PwnFest 2016
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致執行任何程式碼
Impact: Processing maliciously crafted web content may lead to arbitrary code
execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2356: Team Pangu and lokihardt at PwnFest 2016
CVE-2017-2369: Ivan Fratric of Google Project Zero
CVE-2017-2366: Kai Kang of Tencent's Xuanwu Lab (tencent.com)
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致別的來源的資料流出
Impact: Processing maliciously crafted web content may exfiltrate data
cross-origin
Description: A validation issue existed in the handling of page loading. This
issue was addressed through improved logic.
CVE-2017-2363: lokihardt of Google Project Zero
CVE-2017-2364: lokihardt of Google Project Zero
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：惡意網站可以打開彈出式視窗
Impact: A malicious website can open popups
Description: An issue existed in the handling of blocking popups. This was
addressed through improved input validation.
CVE-2017-2371: lokihardt of Google Project Zero
WebKit 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：處理惡意網站內容可能導致別的來源的資料流出
Impact: Processing maliciously crafted web content may exfiltrate data
cross-origin
Description: A validation issue existed in the handling of variable handling.
This issue was addressed through improved validation.
CVE-2017-2365: lokihardt of Google Project Zero
WiFi 問題
Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch
6th generation and later
影響：有啟動鎖定的裝置可以在操作下短暫的顯示首頁
Impact: An activation-locked device can be manipulated to briefly present the
home screen
Description: An issue existed with handling user input that caused a device
to present the home screen even when activation locked. This was addressed
through improved input validation.
CVE-2017-2351: Sriram (@Sri_Hxor) of Primefort Pvt. Ltd., Hemanth Joseph

作者: jatj 2017-01-24 06:22:00

TL;DR

作者: othersHTC92 (other界的霸主) 2017-01-24 08:02:00

不要上來丟臉了好嗎你懂英文嗎

作者: z8632100 (超級蹦挖) 2017-01-24 08:25:00

我英文素質低落

作者: rock1331 (不良角色) 2017-01-24 08:27:00

可以桶他嗎？

作者: dannyace (南瓜) 2017-01-24 08:27:00

貼這幹嘛

作者: kyle5241 (kyle) 2017-01-24 08:31:00

iOS 10.2.1 的更新內容啊......

作者: st8740212 2017-01-24 08:34:00

貼上來沒翻譯沒解釋洗文喔

作者: kyle5241 (kyle) 2017-01-24 08:34:00

這個版是怎麼回事......

作者: haleytll (Zoe) 2017-01-24 08:41:00

複製貼上誰都會，內文完全沒有個人意見、看法或說明見解

作者: zonhan (我願與妳共舞) 2017-01-24 08:47:00

板規6

作者: celtics1997 (山東之龍-禁邪賽鴿) 2017-01-24 08:50:00

作者: oopsskimo (...) 2017-01-24 08:51:00

板龜6c

作者: kuso10582 (Piscine) 2017-01-24 08:52:00

都用這麼久的ptt了，難道不知道不行複製貼上嗎？

作者: abram (科科) 2017-01-24 08:54:00

嫩

作者: bbace 2017-01-24 08:58:00

噓你才怎麼了發文不看版規

作者: macho1223 (Macho1223) 2017-01-24 08:58:00

快推不然以為我們不懂英文

作者: othersHTC92 (other界的霸主) 2017-01-24 08:59:00

喔好棒棒喔你懂英文好厲害

作者: hhh1234321 (3h) 2017-01-24 09:00:00

我竟然看得懂......(噗~~~)

作者: bqmm (嵐) 2017-01-24 09:02:00

Ctrl C + V 這樣也好意思一篇？

作者: horseorange (橘小馬) 2017-01-24 09:03:00

所以鬧鐘修好了沒?（x

作者: a258558 (MattJ) 2017-01-24 09:18:00

呃...

作者: pm2001 (做個盾牌眼球兵吧) 2017-01-24 09:39:00

複製貼上的被噓反觀只貼張截圖就沒問題廠廠

作者: Grady1979 (Grady) 2017-01-24 09:53:00

我才想問你是怎麼回事咧....

作者: ichen30259 (ichen30259) 2017-01-24 09:56:00

所以勿擾模式修好了沒？

作者: HOME8869 (羅生門) 2017-01-24 09:57:00

什麼叫他媽的驚喜

作者: kobe7610 (渴望的狗) 2017-01-24 09:58:00

作者: s973311 (樹難爬) 2017-01-24 10:20:00

欺負我沒讀書喔~ 奇怪捏

作者: zx2998 2017-01-24 10:29:00

推推

作者: chrislt2322 (克里斯林) 2017-01-24 10:37:00

好啦幫搬運工補個血

作者: ImCPM (Heilo) 2017-01-24 10:39:00

好可憐幫你QQ 果粉不意外

作者: vector (向量) 2017-01-24 10:47:00

你貼這樣我直接去蘋果不是更快

作者: yangchenyue (AYA) 2017-01-24 10:48:00

我傻眼XD

作者: mango314 (Mine) 2017-01-24 10:54:00

跟上一篇一樣半斤八兩,反正這邊根本沒版主,貼什麼有差嗎

作者: Paulbio (小便當) 2017-01-24 10:59:00

我覺得有東西看不用去找，不錯啊

作者: tomodachiwen (wen) 2017-01-24 11:43:00

為什麼要噓？

作者: x850519 (小魯弟) 2017-01-24 11:47:00

第一篇是情報，第二篇是洗文

作者: frank0908 2017-01-24 12:10:00

這個版素質真的越來越差了

作者: pm2001 (做個盾牌眼球兵吧) 2017-01-24 12:15:00

這篇至少把連結貼出來情報量比上一篇多太多了

作者: frank0908 2017-01-24 12:16:00

而且這次的安全性更新本來就是10.2.1的核心

作者: alwyss (MAI) 2017-01-24 12:27:00

這個板的板主真的好好當喔

作者: wryyyyyyyy (蜥蜴長老) 2017-01-24 12:30:00

作者: a0913865175 (KIMOGI0602) 2017-01-24 12:40:00

推個補血

作者: ernie0112 (小賴) 2017-01-24 12:55:00

自己能力不好，不能去加強嗎，拿別人用好的資料來看，不就代表自己懶得找懶得看，比別人貼一張好多了吧

作者: popo6307 (BananaLala) 2017-01-24 13:01:00

推推

作者: Achernar (My way) 2017-01-24 13:13:00

原PO辛苦啦，這篇比前一篇來的實用

作者: abian (abian) 2017-01-24 13:31:00

前面的推文是什麼情形..

作者: j94223 (笨肌) 2017-01-24 13:36:00

推很有用的情報文

作者: tallolz (透) 2017-01-24 13:41:00

本來是原文純複製貼上

作者: LBJ2ndKing (LBJ亞軍王) 2017-01-24 14:13:00

前面想帶風向？

作者: kyle5241 (kyle) 2017-01-24 14:40:00

我莫名奇妙被噓，明明這是比較重要的資訊....

作者: alanalan2007 (YOYO) 2017-01-24 15:04:00

推回來，明明前面那篇才沒用，這篇很多資訊。

作者: ken84929 (破軍★翼) 2017-01-24 15:27:00

幫推

作者: miniwhy (口卡口卡 ) 2017-01-24 15:50:00

幫推有翻譯了

作者: johnny1229 (文化裘德洛) 2017-01-24 16:11:00

上面是在噓什麼？

作者: allan0926 (allan) 2017-01-24 16:14:00

謝謝分享

作者: AHAJAY (阿哈J) 2017-01-24 16:42:00

隨便都比一堆廢文好

作者: NinOAQ (妮OuO/) 2017-01-24 16:50:00

推補翻譯

作者: shenyang (身癢抓抓) 2017-01-24 16:58:00

推

作者: WuMOS (Ian) 2017-01-24 17:36:00

推翻譯

作者: fyso (sophie1iao) 2017-01-24 17:47:00

推

作者: altria27 (altria27) 2017-01-24 17:52:00

前面那篇什麼都沒提到這篇內容都有有啥好虛..

作者: gary21617mvp (ToroChip) 2017-01-24 17:56:00

推

作者: nicegigi (嗆斯嗆斯) 2017-01-24 18:07:00

推好心翻譯噓的人是因爲一開始沒翻譯，看不懂才噓的吧

作者: ninewords (全世界的人都很悲傷) 2017-01-24 18:25:00

看了噓的幾樓，真是笑死我了，原來腦袋可以這樣用

作者: ppstyle7 (阿喵喵) 2017-01-24 18:42:00

原po一開始只有將英文全部貼上，翻譯是後來才加的

作者: shihhhpin (小小小宏) 2017-01-24 19:50:00

推推

作者: pm2001 (做個盾牌眼球兵吧) 2017-01-24 20:02:00

一開始就算只有英文至少有付官方連結我想不管怎樣都比截圖好

作者: cleanesty 2017-01-24 20:33:00

語言不合

作者: HCHsiang (金城武是我) 2017-01-24 20:56:00

推

作者: tomodachiwen (wen) 2017-01-24 21:06:00

再推一次前面噓的真的很有趣

作者: baibaizo 2017-01-24 21:25:00

讚

作者: crayon123 (jackwu) 2017-01-24 21:35:00

補血。上面不知道在噓什麼

作者: jerry255701 (傑瑞) 2017-01-24 21:42:00

幫補血

作者: BlueIceBeer 2017-01-24 21:47:00

幫補血，原PO別介意，就是有一堆沒知識的秀下限

作者: snowgod (北極熊的鄰居) 2017-01-24 22:19:00

補

作者: a87992772 (QQQ) 2017-01-24 22:22:00

？噓啥

作者: SimACC (didbib) 2017-01-24 22:55:00

補

作者: DarrenKuo (Darren) 2017-01-24 22:58:00

補血

作者: alins1999 (謝強尼) 2017-01-24 23:13:00

辛苦原PO。

作者: kevinee ( ) 2017-01-25 00:15:00

推前面的噓文很有事

作者: Vek1112 (喔登登) 2017-01-25 02:19:00

讚

作者: st880517 2017-01-25 02:36:00

幫補一發

作者: bestneil (青柚) 2017-01-25 03:09:00

補血

作者: ss15669659 (Zijun) 2017-01-25 03:32:00

推

作者: McDownlaw (我就是愛大麥克) 2017-01-25 03:48:00

推

作者: Rammus1111 (NK_Rammus龜) 2017-01-25 04:31:00

前面的還好嗎...？這明明很有用啊

作者: AirRider (又怎麼了) 2017-01-25 05:25:00

一堆玻璃心看不懂亂噓，上一篇怎不噓？助推一個

作者: DKPCOFGS (Eight) 2017-01-25 08:16:00

怪了國民教育沒教英文嗎？

作者: mars1396 (mars1396) 2017-01-25 08:35:00

補血

作者: young199517 (young199517) 2017-01-25 09:50:00

前面都玻璃心喔幫補

作者: baronmax (songyy) 2017-01-25 10:11:00

補血

作者: CraziPhone (有點不方便) 2017-01-25 11:34:00

﴿

作者: mienchin (帕爾摩斯兔子) 2017-01-25 12:24:00

推推

作者: kevin11tw (台中阿翔) 2017-01-25 12:28:00

補血推

作者: clop (月餅狗) 2017-01-25 12:56:00

前面的噓文有什麼事

作者: cheche0512 (呵呵) 2017-01-25 12:59:00

第一篇那樣才誇張吧

作者: keeper036 (掰咖) 2017-01-25 13:55:00

從古至今語言是造成戰爭的重要關鍵XD

作者: eric45670 (丹羽) 2017-01-25 14:43:00

笑看那些英文不好亂炮的

作者: w5151381guy (kirito帆) 2017-01-25 15:39:00

前面那些人亂噓在秀下限?自己看不懂就亂噓別人廠廠

作者: jimmythepeng (NTUpenguin) 2017-01-26 18:08:00

補推

作者: kentplay (鯊魚) 2017-01-27 22:54:00

覺得很有幫助阿

作者: XDDDD5566 (我絕對沒偷吃實驗室點心) 2017-01-28 03:29:00

OuO 好兇

作者: aifam (忙~所有問題我會擇空回答) 2017-01-28 07:57:00

噓文的人，你們還好嗎？

作者: Feases (<(￣︶￣)>) 2017-01-28 22:59:00

滿好的

作者: yoo31805 (Q毛) 2017-01-29 18:45:00

這篇充實多了，感謝原po分享

繼續閱讀

[問題] Apple Watch錶面天氣顯示denru01 [情報] IOS 10.2.1 正式版推出henry4621 Re: [討論] 週年慶預購到貨情況wenhsuan11 iphone6/6s 皮革保護殼通用問題nomieno [問題] 6s+ wifi反灰tw00484586 [討論] 洛克人bjzx5 Re: [心得] iphone6換電池，卻拿不回舊電池！randy0125 [問題] 換下的電池？Samuelfish [問題] 怎麼取回螢幕壞掉手機內部的檔案?cciibbaa Re: [心得] 光華某店維修心得AizawaYuuiti