Released February 7, 2019

FaceTime

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: The initiator of a Group FaceTime call may be able to cause the recipient to answer

Description: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.

CVE-2019-6223: Grant Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX

Foundation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero

IOKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2019-7287: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero

Live Photos in FaceTime

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: A thorough security audit of the FaceTime service uncovered an issue with Live Photos

Description: The issue was addressed with improved validation on the FaceTime server.

CVE-2019-7288: Apple