Apple released security updates for macOS Catalina 10.15 and iOS 13.
The fix for macOS Catalina 10.15.1, takes care of 33 vulnerabilities, including holes an attacker could leverage by cajoling the targeted user to process a specially crafted file.
The vulnerabilities can end up used to obtain information, bypass authentication, execute arbitrary code with elevated privileges, exfiltrate data, elevate privileges, or launch denial-of-service (DoS) attacks.
Apple patched 28 holes in iOS 13.2 and iPadOS 13.2.
Those vulnerabilities allowed arbitrary code execution with elevated privileges, data exfiltration, memory leaks, authentication bypass, secretly recording the device’s screen, cross-site scripting (XSS) attacks, user interface spoofing, and obtaining user information.
Apple has also patched vulnerabilities in watchOS, Safari and tvOS. watchOS and tvOS are based on iOS, and Safari shares the WebKit browser engine with iOS, which means these vulnerabilities are mostly the same as the ones patched in iOS.