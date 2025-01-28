Apple¤¬½ÅÍ×¤ÊÀÈ¼åÀ¤ò½¤Àµ¤·¤¿¡ÖiPadOS 17.7.4¡×¤òÄó¶¡³«»Ï¡ªiPad¡ÊÂè6À¤Âå¡Ë¤äiPad Pro¤Î10.5¥¤¥ó¥Á¤È12.9¥¤¥ó¥Á¡ÊÂè2À¤Âå¡Ë¸þ¤±
|Apple¤¬iPad¸þ¤±iPadOS 17.7.4¤ò¥ê¥ê¡¼¥¹¡ª
Apple¤Ï27Æü¡Ê¸½ÃÏ»þ´Ö¡Ë¡¢Æ±¼Ò¤¬Å¸³«¤¹¤ë¥¿¥Ö¥ì¥Ã¥È¡ÖiPad¡×¥·¥ê¡¼¥º¸þ¤±¥×¥é¥Ã¥È¥Õ¥©¡¼¥à¡ÖiPadOS¡×¤Ë¤ª¤¤¤ÆÁ°¥Ð¡¼¥¸¥ç¥ó¡ÖiPadOS 17¡×¤ÎºÇ¿·ÈÇ¡ÖiPadOS 17.7.4¡Ê21H414¡Ë¡×¤òÄó¶¡³«»Ï¤·¤¿¤È¤ªÃÎ¤é¤»¤·¤Æ¤¤¤Þ¤¹¡£
ÂÐ¾Ýµ¡¼ï¤ÏºÇ¿·¥Ð¡¼¥¸¥ç¥ó¡ÖiPadOS 18¡×¤ËÂÐ±þ¤·¤Æ¤¤¤Ê¤¤iPadOS 17¤ÎÂÐ±þµ¡¼ï¤Ç¡¢¶ñÂÎÅª¤Ë¤ÏiPad¡ÊÂè6À¤Âå¡Ë¤ä12.9¥¤¥ó¥ÁiPad Pro¡ÊÂè2À¤Âå¡Ë¡¢10.5¥¤¥ó¥ÁiPad Pro¤Î3µ¡¼ï¤È¤Ê¤ê¤Þ¤¹¡£¤Ê¤ª¡¢°ÊÁ°¤Ï¡ÖiOS 18¡×¤äiPadOS 18¤ÎÂÐ¾Ýµ¡¼ï¤ÏiOS 18¤äiPadOS 18¤Þ¤¿¤ÏiOS 17¤äiPadOS 17¤òÁª¤ó¤Ç¹¹¿·¤Ç¤¤Æ¤¤¤Þ¤·¤¿¤¬¡¢Á°²ó¤ÎiPadOS 17.7.3¤«¤éiOS 18¤äiPadOS 18¤ÎÂÐ¾Ýµ¡¼ï¤ÏiOS 18¤äiPadOS 18¤Î¤ß¤Ë¹¹¿·¤¹¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
¤Ê¤ª¡¢¤³¤ì¤é¤ÎÀÈ¼åÀ¤Î¤¦¤Á¤Î¤¤¤¯¤Ä¤«¤ÏÆ±¼Ò¤Ç¤ÏÀÑ¶ËÅª¤Ë°ÍÑ¤µ¤ì¤Æ¤¤¤ë²ÄÇ½À¤¬¤¢¤ë¤È¤¤¤¦Êó¹ð¤òÇ§¼±¤·¤Æ¤¤¤ë¤È¤·¤Æ¤¤¤Þ¤¹¡£¤½¤ÎÂ¾¡¢¤¹¤Ç¤Ë¾Ò²ð¤·¤Æ¤¤¤ë¤è¤¦¤ËiOS¤ª¤è¤ÓiPadOS¤ÎºÇ¿·¥Ð¡¼¥¸¥ç¥ó¡ÖiOS 18.3¡×¤ª¤è¤Ó¡ÖiPadOS 18.3¡×¤¬¥ê¥ê¡¼¥¹¤µ¤ì¤Æ¤¤¤ë¤Û¤«¡¢¥Ñ¥½¥³¥ó¡ÖMac¡×¸þ¤±¡ÖmacOS Sequoia 15.3¡×¡¢¥¹¥Þ¡¼¥È¥¦¥©¥Ã¥Á¡ÖApple Watch¡×¸þ¤±¡ÖwatchOS 11.3¡×¡¢¥»¥Ã¥È¥È¥Ã¥×¥Ü¥Ã¥¯¥¹¡ÖApple TV¡×¸þ¤±¡Ötv 18.3¡×¡¢¥¹¥Þ¡¼¥È¥Ø¥Ã¥É¥»¥Ã¥È¡ÖApple Vision¡×¸þ¤±¡ÖvisionOS 2.3¡×¤âÇÛ¿®³«»Ï¤·¤Æ¤¤¤Þ¤¹¡£
Apple¤Ç¤Ï2021Ç¯¤ËÄó¶¡³«»Ï¤·¤¿iOS 15¤ª¤è¤ÓiPadOS 15¤«¤é°ìÄê´ü´Ö¤Ï¼¡¤ÎºÇ¿·¥Ð¡¼¥¸¥ç¥ó¤Ë¹¹¿·¤»¤º¤Ë´ûÂ¸¤Î¥Ð¡¼¥¸¥ç¥ó¤ËÎ±¤Þ¤ëµ¡Ç½¤òÄó¶¡¤·¤Æ¤ª¤ê¡¢º£Ç¯¤âºÇ¿·¤ÎiOS 18¤äiPadOS 18¤ÎÀµ¼°ÈÇ¤¬ÇÛ¿®³«»Ï¤µ¤ì¤Þ¤·¤¿¤¬¡¢°ú¤Â³¤¤¤Æ¤·¤Ð¤é¤¯iOS 17¤äiPadOS 17¤Ç»È¤¦¾ì¹ç¤òÂÐ¾Ý¤Ë¥»¥¥å¥ê¥Æ¥£¡¼½¤Àµ¤Î¤ß¤ò¹Ô¤Ã¤¿¥½¥Õ¥È¥¦¥§¥¢¹¹¿·¤òÄó¶¡¤·¤Æ¤ª¤ê¡¢º£²ó¤ÏÁ°²ó¤ÎiPadOS 17.7.3¤ËÂ³¤¤¤ÆiPadOS 17.7.4¤¬Äó¶¡³«»Ï¤µ¤ì¤Þ¤·¤¿¡£
¹¹¿·¤Ï½¾ÍèÄÌ¤ê³ÆÀ½ÉÊËÜÂÎ¤Î¤ß¤ÇOTA¡ÊOn-The-Air¡Ë¤Ë¤è¤ê¥À¥¦¥ó¥í¡¼¥É¤Ç¹Ô¤¨¡¢ÊýË¡¤È¤·¤Æ¤Ï¡¢¡ÖÀßÄê¡×¢ª¡Ö°ìÈÌ¡×¢ª¡Ö¥½¥Õ¥È¥¦¥§¥¢¡¦¥¢¥Ã¥×¥Ç¡¼¥È¡×¤«¤é¹Ô¤¨¡¢Ã±ÂÎ¤Ç¥¢¥Ã¥×¥Ç¡¼¥È¤¹¤ë¾ì¹ç¤Î¥À¥¦¥ó¥í¡¼¥É¥µ¥¤¥º¤Ï¼ê»ý¤Á¤ÎiPad¡ÊÂè6À¤Âå¡Ë¤ÇiPadOS 17.7.3¤«¤é¤À¤È149.7MB¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£¤Þ¤¿iTunes¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿Windows¤ª¤è¤ÓMac¤ÈUSB-Lightning¥±¡¼¥Ö¥ë¤ÇÀÜÂ³¤·¤Æ¤â¼Â»Ü¤Ç¤¤Þ¤¹¡£¤Ê¤ª¡¢Apple¤¬°ÆÆâ¤·¤Æ¤¤¤ë¥¢¥Ã¥×¥Ç¡¼¥È¤ÎÆâÍÆ¤ª¤è¤Ó¥»¥¥å¥ê¥Æ¥£¡¼¥³¥ó¥Æ¥ó¥Ä¤Î½¤Àµ¤Ï°Ê²¼¤ÎÄÌ¤ê¡£
¤³¤Î¥¢¥Ã¥×¥Ç¡¼¥È¤Ë¤Ï½ÅÍ×¤Ê¥»¥¥å¥ê¥Æ¥£½¤Àµ¤¬´Þ¤Þ¤ì¡¢¤¹¤Ù¤Æ¤Î¥æ¡¼¥¶¤Ë¿ä¾©¤µ¤ì¤Þ¤¹¡£
Apple¥½¥Õ¥È¥¦¥§¥¢¥¢¥Ã¥×¥Ç¡¼¥È¤Î¥»¥¥å¥ê¥Æ¥£¥³¥ó¥Æ¥ó¥Ä¤Ë¤Ä¤¤¤Æ¤Ï¡¢°Ê²¼¤ÎWeb¥µ¥¤¥È¤ò¤´Í÷¤¯¤À¤µ¤¤: https://support.apple.com/100100
Released January 27, 2025
- AirPlay
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution
Description: A type confusion issue was addressed with improved checks.
CVE-2025-24137: Uri Katz (Oligo Security)
- ARKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing a file may lead to an unexpected app termination
Description: The issue was addressed with improved checks.
CVE-2025-24127: Minghao Lin (@Y1nKoc), babywu, and Xingwei Lin of Zhejiang University
- CoreAudio
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing a file may lead to an unexpected app termination
Description: The issue was addressed with improved checks.
CVE-2025-24161: Google Threat Analysis Group
CVE-2025-24160: Google Threat Analysis Group
CVE-2025-24163: Google Threat Analysis Group
- CoreMedia
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing a file may lead to an unexpected app termination
Description: The issue was addressed with improved checks.
CVE-2025-24123: Desmond working with Trend Micro Zero Day Initiative
CVE-2025-24124: Pwn2car & Rotiple(HyeongSeok Jang) working with Trend Micro Zero Day Initiative
- CoreRoutine
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to determine a user¡Çs current location
Description: The issue was addressed with improved checks.
CVE-2025-24102: Kirin (@Pwnrin)
- ICU
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: An out-of-bounds access issue was addressed with improved bounds checking.
CVE-2024-54478: Gary Kwong
- ImageIO
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing an image may lead to a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2025-24086: DongJun Kim (@smlijun) and JongSeong Kim (@nevul37) in Enki WhiteHat, D4m0n
- Kernel
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2025-24118: Joseph Ravichandran (@0xjprx) of MIT CSAIL
- Kernel
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A validation issue was addressed with improved logic.
CVE-2025-24159: pattern-f (@pattern_F_)
- LaunchServices
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: An app may be able to fingerprint the user
Description: This issue was addressed with improved redaction of sensitive information.
CVE-2025-24117: Michael (Biscuit) Thomas (@biscuit@social.lol)
- libxslt
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: This issue was addressed through improved state management.
CVE-2025-24166: Ivan Fratric of Google Project Zero
- Managed Configuration
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files
Description: This issue was addressed with improved handling of symlinks.
CVE-2025-24104: Hichem Maloufi, Hakim Boukhadra
- QuartzCore
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Processing web content may lead to a denial-of-service
Description: The issue was addressed with improved checks.
CVE-2024-54497: Anonymous working with Trend Micro Zero Day Initiative
- SceneKit
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2025-24149: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative
Additional recognition
- CoreAudio
We would like to acknowledge Google Threat Analysis Group for their assistance.
- CoreMedia Playback
We would like to acknowledge Song Hyun Bae (@bshyuunn) and Lee Dong Ha (Who4mI) for their assistance.
- Static Linker
We would like to acknowledge Holger Fuhrmannek for their assistance.
µ»ö¼¹É®¡§memn0ck
