CINXE.COM

 <!DOCTYPE html> <html lang="en" prefix="og: http://ogp.me/ns#" dir="ltr"> <head> <meta http-equiv="expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <link rel="dns-prefetch" href="https://www.apple.com/" /> <link rel="preconnect" href="https://www.apple.com/" crossorigin /> <title lang="en">About the security content of visionOS 1.0.2 - Apple Support</title> <meta name="description" content="This document describes the security content of visionOS 1.0.2." /> <link rel="canonical" href="https://support.apple.com/en-mide/118479" /> <meta property="og:url" content="https://support.apple.com/en-mide/118479" /> <meta property="og:title" content="About the security content of visionOS 1.0.2 - Apple Support" /> <meta property="og:description" content="This document describes the security content of visionOS 1.0.2." /> <meta property="og:site_name" content="Apple Support" /> <meta property="og:locale" content="en_MIDE" /> <meta property="og:type" content="article" /> <link rel="icon" href="/favicon.ico"> <link rel="apple-touch-icon" href="/favicon.ico"> <style> .viewport-content{margin-left:auto;margin-right:auto;width:980px}.viewport-content{margin-left:auto;margin-right:auto;width:692px}.viewport-content{margin-left:auto;margin-right:auto;width:87.5%}.viewport-content{margin-left:auto;margin-right:auto;width:980px}.viewport-content{margin-left:auto;margin-right:auto;width:692px}.viewport-content{margin-left:auto;margin-right:auto;width:87.5%}.subheader{font-size:21px;line-height:1.381;font-weight:400;letter-spacing:.011em;font-family:SF Pro Display,SF Pro Icons,Helvetica Neue,Helvetica,Arial,sans-serif}.subheader{font-size:19px;line-height:1.4211;font-weight:400;letter-spacing:.012em;font-family:SF Pro Display,SF Pro Icons,Helvetica Neue,Helvetica,Arial,sans-serif}.globalnav-placeholder{height:44px}.globalnav-placeholder{height:48px}.globalnav-curtain{background:rgba(232,232,237,.4);-webkit-backdrop-filter:blur(20px);backdrop-filter:blur(20px);visibility:hidden;position:fixed;opacity:0;top:0;right:0;bottom:0;left:0;width:100%;height:100%;z-index:9998;transition:opacity .32s cubic-bezier(.4,0,.6,1) 80ms,visibility .32s step-end 80ms}.globalheader-light .globalnav-curtain{background:rgba(232,232,237,.4)}.globalnav-link-text-container{display:flex}.globalnav-link svg{transform:translateZ(0)}.globalnav-submenu-trigger-item{list-style:none}.globalnav-bag-badge{--globalnav-badge-background:rgb(0, 0, 0);--globalnav-badge-text-color:rgb(255, 255, 255);top:auto;bottom:11px;display:inline-block;position:absolute;z-index:1;width:1.3em;height:1.3em;box-sizing:border-box;float:none;color:var(--globalnav-badge-text-color);font-size:10px;letter-spacing:-.008em;line-height:1.3;text-align:center;pointer-events:none}.globalnav-bag-badge{bottom:13px}.globalnav-bag-badge-separator{background:var(--globalnav-badge-background);width:1em;height:100%;position:absolute;top:0;transform:scaleX(0);transition:transform .3s cubic-bezier(.25,.1,.3,1)}.globalnav-bag-badge-number{display:block;position:relative;z-index:2;font-family:SF Pro Text,SF Pro Icons,Helvetica Neue,Helvetica,Arial,sans-serif;letter-spacing:inherit;transition:transform .3s cubic-bezier(.25,.1,.3,1)}.globalnav-bag-badge-unit{opacity:0;display:inline-block;position:absolute;top:0;z-index:2;font-family:SF Pro Text,SF Pro Icons,Helvetica Neue,Helvetica,Arial,sans-serif;font-feature-settings:"case";transition:opacity .1s cubic-bezier(.25,.1,.3,1)}.globalnav-bag-wrapper{position:relative}.globalnav-image-compact,.globalnav-link-bag svg{pointer-events:none}.viewport-content{margin-inline-start:auto;margin-inline-end:auto;width:980px}.viewport-content{margin-inline-start:auto;margin-inline-end:auto;width:692px}.viewport-content{margin-inline-start:auto;margin-inline-end:auto;width:87.5%} </style> <link rel="preload" as="style" href="/clientside/build/app-ac.css" onload="this.onload=null;this.rel='stylesheet'"> <noscript> <link rel="stylesheet" href="/clientside/build/app-ac.css" type="text/css" /> </noscript> <link rel="preload" as="style" href="/clientside/build/gb_ltr_rtl_common.css" onload="this.onload=null;this.rel='stylesheet'"> <noscript> <link rel="stylesheet" href="/clientside/build/gb_ltr_rtl_common.css" type="text/css" /> </noscript> <link rel="preload" as="style" href="//www.apple.com/wss/fonts?families=SF+Pro,v1:200,300,400,500,600|SF+Pro+Icons,v1" onload="this.onload=null;this.rel='stylesheet'"> <noscript> <link rel="stylesheet" href="//www.apple.com/wss/fonts?families=SF+Pro,v1:200,300,400,500,600|SF+Pro+Icons,v1" type="text/css" /> </noscript> <script> var data = { showHelpFulfeedBack: true, isPreview : false, showPricingTool: false, podCookie: "mide~en", dtmPageName: "acs.pageload", locale: "en_US", id: "118479", contentType: "RC", domain: "support.apple.com", isNeighborJsEnabled: true, showPricingServiceTypeDropdown: false, showPricingProductDropdown:true, showPricingModelDropdown:false, urlLocale: "en-mide", pricingProductId:"", pricingServiceItemId:"", supportCategory: "", showRecommendation : false, configApiURL : "https://support.apple.com/ols/api/config", isSecureEnv : "", contentDropdownSelectedOption: "", isOberonContent: false, enableAskAppleChat: false, akamaiEdgeScapeURL: "https://support.apple.com/edge-sight" } //for launch - video tracking window.appState = JSON.stringify(data); </script> <!-- Below CSS is to disable videos click and hide play button on page load --> <style> .videoComponentContainer > a.videoComponent{ pointer-events: none; } .videoComponentContainer > a.videoComponent .thumbnail-button{ display: none; } </style> <script> var _applemd = { page: { site_section: "kb", content_type: "RC", info_type: "", topics: "", in_house: "", locale: "en-mide", friendly_content: { title: `About the security content of visionOS 1.0.2`, publish_date: "11142024", content_id: "118479", status: "unarchieved", version: "3.0.0.0" }, testandtarget:{ throttle:"0.0" }, }, product: { list: ["acs::kb::productcategory::CS - Device::Vision::Apple Vision Pro","acs::kb::productcategory::CS - Device::Vision",] } , }; const isMobilePlayer = /iPhone|iPod|Android/i.test(navigator.userAgent); </script> <script src="/clientside/build/nn.js" type="text/javascript" charset="utf-8"></script> <script> var neighborInitData = { appDataSchemaVersion: '2.0.0', webVitalDataThrottlingPercentage: 100, reportThrottledWebVitalDataTypes: ['system:dom-content-loaded', 'system:load', 'system:unfocus', 'system:focus', 'system:unload', 'system:page-hide', 'system:visibility-change-visible', 'system:visibility-change-hidden', 'system:event', 'app:load', 'app:unload', 'app:event'], trackMarcomSearch: true, trackSurvey: true, endpoint: 'https://supportmetrics.apple.com/content/services/stats' } </script> <noscript> <style> .videoComponentContainer > a.videoComponent{ pointer-events: unset; } .videoComponentContainer > a.videoComponent .thumbnail-button{ display: unset; } </style> </noscript> </head> <body class="ac-gn-current-support no-js "> <link rel="stylesheet" type="text/css" href="https://www.apple.com/api-www/global-elements/global-header/v1/assets/globalheader.css" /> <div id="globalheader" class="globalnav-scrim globalheader-light"> <nav id="globalnav" lang="en_002" dir="ltr" aria-label="Global" data-analytics-element-engagement-start="globalnav:onFlyoutOpen" data-analytics-element-engagement-end="globalnav:onFlyoutClose" data-store-api="https://www.apple.com/[storefront]/shop/bag/status" data-analytics-activitymap-region-id="global nav" data-analytics-region="global nav" class="globalnav no-js" > <div class="globalnav-content"> <ul id="globalnav-list" class="globalnav-list" aria-labelledby="globalnav-menutrigger-button" > <li data-analytics-element-engagement="globalnav hover - apple" class="globalnav-item globalnav-item-apple" > <a href="https://www.apple.com/" data-globalnav-item-name="apple" data-analytics-title="apple home" aria-label="Apple" class="globalnav-link globalnav-link-apple" > <span class="globalnav-image-regular globalnav-link-image"> <svg height="44" viewBox="0 0 14 44" width="14" xmlns="http://www.w3.org/2000/svg" > <path d="m13.0729 17.6825a3.61 3.61 0 0 0 -1.7248 3.0365 3.5132 3.5132 0 0 0 2.1379 3.2223 8.394 8.394 0 0 1 -1.0948 2.2618c-.6816.9812-1.3943 1.9623-2.4787 1.9623s-1.3633-.63-2.613-.63c-1.2187 0-1.6525.6507-2.644.6507s-1.6834-.9089-2.4787-2.0243a9.7842 9.7842 0 0 1 -1.6628-5.2776c0-3.0984 2.014-4.7405 3.9969-4.7405 1.0535 0 1.9314.6919 2.5924.6919.63 0 1.6112-.7333 2.8092-.7333a3.7579 3.7579 0 0 1 3.1604 1.5802zm-3.7284-2.8918a3.5615 3.5615 0 0 0 .8469-2.22 1.5353 1.5353 0 0 0 -.031-.32 3.5686 3.5686 0 0 0 -2.3445 1.2084 3.4629 3.4629 0 0 0 -.8779 2.1585 1.419 1.419 0 0 0 .031.2892 1.19 1.19 0 0 0 .2169.0207 3.0935 3.0935 0 0 0 2.1586-1.1368z" ></path> </svg> </span> <span class="globalnav-image-compact globalnav-link-image"> <svg height="48" viewBox="0 0 17 48" width="17" xmlns="http://www.w3.org/2000/svg" > <path d="m15.5752 19.0792a4.2055 4.2055 0 0 0 -2.01 3.5376 4.0931 4.0931 0 0 0 2.4908 3.7542 9.7779 9.7779 0 0 1 -1.2755 2.6351c-.7941 1.1431-1.6244 2.2862-2.8878 2.2862s-1.5883-.734-3.0443-.734c-1.42 0-1.9252.7581-3.08.7581s-1.9611-1.0589-2.8876-2.3584a11.3987 11.3987 0 0 1 -1.9373-6.1487c0-3.61 2.3464-5.523 4.6566-5.523 1.2274 0 2.25.8062 3.02.8062.734 0 1.8771-.8543 3.2729-.8543a4.3778 4.3778 0 0 1 3.6822 1.841zm-6.8586-2.0456a1.3865 1.3865 0 0 1 -.2527-.024 1.6557 1.6557 0 0 1 -.0361-.337 4.0341 4.0341 0 0 1 1.0228-2.5148 4.1571 4.1571 0 0 1 2.7314-1.4078 1.7815 1.7815 0 0 1 .0361.373 4.1487 4.1487 0 0 1 -.9867 2.587 3.6039 3.6039 0 0 1 -2.5148 1.3236z" ></path> </svg> </span> <span class="globalnav-link-text"> Apple </span> </a> </li> </ul> </div> </nav> <div id="globalnav-curtain" class="globalnav-curtain"></div> <div id="globalnav-placeholder" class="globalnav-placeholder"></div> </div> <script type="text/javascript" src="https://www.apple.com/api-www/global-elements/global-header/v1/assets/globalheader.umd.js" ></script> <div id="app"> <div class="main section viewport-content" role="main" id="content"> <div id="sections" class=> <h1 class="gb-header">About the security content of visionOS 1.0.2</h1> <p class="subheader gb-subheader">This document describes the security content of visionOS 1.0.2.</p> <h2 class="gb-header">About Apple security updates</h2> <p class="gb-paragraph">For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the <a href="https://support.apple.com/kb/HT201222" class="gb-anchor">Apple security releases</a> page.</p> <p class="gb-paragraph">Apple security documents reference vulnerabilities by <a href="https://www.cve.org/About/Overview" class="gb-anchor">CVE-ID</a> when possible.</p> <p class="gb-paragraph">For more information about security, see the <a href="https://support.apple.com/kb/HT201220" class="gb-anchor">Apple Product Security</a> page.</p> <h2 class="gb-header">visionOS 1.0.2</h2> <div class="note gb-note"><p class="gb-paragraph">Released January 31, 2024</p></div> <p class="gb-paragraph"><b>WebKit</b></p> <p class="gb-paragraph">Available for: Apple Vision Pro</p> <p class="gb-paragraph">Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.</p> <p class="gb-paragraph">Description: A type confusion issue was addressed with improved checks.</p> <div class="note gb-note"><p class="gb-paragraph">WebKit Bugzilla: 267134</p></div> <p class="gb-paragraph">CVE-2024-23222</p> <div class="note gb-note"><p class="gb-paragraph"><i>Note: This security fix is included in the visionOS 1.0.1 update that was released to developers and in visionOS 1.0.2 for devices updating directly from visionOS 1.0.</i></p></div> <div id="disclaimer"> <div class="sosumi"><p class="gb-paragraph">Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. <a href="https://support.apple.com/103190" class="gb-anchor">Contact the vendor</a> for additional information.</p></div> </div> <div class='mod-date'> <span>Published Date:</span>&nbsp;<time dateTime=November 14, 2024itemprop='datePublished'>November 14, 2024</time> </div> </div> </div> <div id='helpful-rating-wrapper'> <div id='helpful' class='ratings okapi-enabled'> <div> <fieldset id='question-state' class='show'> <legend class='helpful-heading'> <span id="okapi-a">Helpful?</span> </legend> <div class='helpful-btn-grp'> <button class='button button-reduced button-secondary' id='yes-button' data-ss-analytics-link-component_name='helpful' data-ss-analytics-link-component_type='helpful' data-ss-analytics-link-text='yes' data-ss-analytics-event=acs.link_click title='Solved my problem'> Yes </button> <button class='button button-reduced button-secondary' id='no-button' data-ss-analytics-link-component_name='helpful' data-ss-analytics-link-component_type='helpful' data-ss-analytics-link-text='no' data-ss-analytics-event=acs.link_click title='Not helpful'> No </button> </div> </fieldset> </div> <div id='feedback-state' class="form-element form-textbox-labelbelow hide"> <form autocomplete="off"> <input type='hidden' id='form-counter-error-message' value="Maximum character limit is 250." /> <label id='feedback-label' data-no-label="Thanks for letting us know." data-yes-label="We’re glad this article helped." ></label> <div class='form-element form-textbox-labelbelow' id='feedback'> <div class="textarea-wrapper"> <div> <div class="form-textbox form-textbox-with-counter"> <span class="form-label" id="optional_label" aria-hidden="true"></span> <textarea type="text" class="form-textbox-textarea form-counter-textarea form-text-area form-textbox-input" data-max-length='250' aria-labelledby="optional_label" aria-describedby="char_limit_counter" data-no-placeholder="How can we make this article more helpful? (Optional)" data-yes-placeholder="Anything else you’d like us to know? (Optional)" ></textarea> <div id="char_limit_counter" class="form-textbox-counter-wrapper form-textbox-counter"> <span class="visuallyhidden" id="char-limit-message">Character limit:</span> <span class="form-counter form-textbox-counter">250</span> </div> <div class="form-textbox-aria-live visuallyhidden" aria-live="polite"></div> </div> </div> </div> <div class='form-message-wrapper'> <span class='form-message'>Maximum character limit is 250.</span> </div> <label class='dont-include-label' htmlFor='feedback-note'>Please don’t include any personal information in your comment.</label> <button type='submit' class='button button-secondary' id="submit-feedback" data-ss-analytics-link-component_type='helpful' data-ss-analytics-link-text='submit'> Submit </button> </div> </form> </div> <div id='rating-done' class="hide"> Thanks for your feedback. </div> <div id='results-helpful' class='show'> </div> </div> </div> </div> <div class="footer-wrapper"> <footer id="ac-globalfooter" lang="en-mide" dir="ltr" class="js no-touch svg no-ie7 no-ie8 footer-global" data-analytics-region="global footer" role="contentinfo" aria-labelledby="ac-gf-label"> <div class="ac-gf-content"> <h2 class="ac-gf-label" id="ac-gf-label">Apple Footer</h2> <nav class="ac-gf-breadcrumbs" aria-label="Breadcrumbs" role="navigation"> <a href="https://www.apple.com" class="home ac-gf-breadcrumbs-home"> <span class="ac-gf-breadcrumbs-home-icon" aria-hidden="true"></span> <span class="ac-gf-breadcrumbs-home-label">Apple</span> <span class="ac-gf-breadcrumbs-home-chevron"></span> <span class="ac-gf-breadcrumbs-home-mask"></span> </a> <div class="ac-gf-breadcrumbs-path"> <ol class="ac-gf-breadcrumbs-list" vocab="http://schema.org/" typeof="BreadcrumbList"> <li class="ac-gf-breadcrumbs-item" property="itemListElement" typeof="ListItem"> <span property="name"> <a href="https://support.apple.com/en-mide">Support</a> </span> <meta property="position" content="1" /> </li> <li class="ac-gf-breadcrumbs-item" property="itemListElement" typeof="ListItem"> <span property="name">About the security content of visionOS 1.0.2</span> <meta property="position" content="2" /> </li> </ol> </div> </nav> <section class="ac-gf-footer" vocab="https://schema.org/" typeof="Organization"> <div class="ac-gf-footer-shop" x-ms-format-detection="none"></div> <div class="ac-gf-footer-locale"> <a class="ac-gf-footer-locale-link" href="https://support.apple.com/en-mide/118479/localeselector" title="Choose your country or region" aria-label="Middle East. Choose your country or region"> Middle East</a> </div> <div class="ac-gf-footer-legal"> <div class="ac-gf-footer-legal-copyright"> Copyright © 2024 Apple Inc. All rights reserved. </div> <div class="ac-gf-footer-legal-links"> <a class="ac-gf-footer-legal-link analytics-exitlink" href="https://www.apple.com/legal/">Terms of Use</a> <a class="ac-gf-footer-legal-link analytics-exitlink" href="https://www.apple.com/legal/privacy/en-ww/">Privacy Policy</a> </div> </div> <meta content="Apple" property="name"> <meta content="1-800-692-7753" property="telephone"> </section><link rel="stylesheet" type="text/css" href="https://www.apple.com/ac/globalfooter/3/en_US/styles/ac-globalfooter.built.css"> <script type="text/javascript" src="https://www.apple.com/ac/globalfooter/3/en_WW/scripts/ac-globalfooter.built.js"></script> </div> </footer> </div> <script src="/clientside/build/app-ac-route.js" type="text/javascript" charset="utf-8"></script> <script src="/clientside/build/app-launch-route.js" type="text/javascript" charset="utf-8"></script> <script src="/clientside/build/FujiStitchPath.js" type="text/javascript" charset="utf-8"></script> <script src="/clientside/build/launch.js" type="text/javascript" charset="utf-8"></script> <script src="/etc/designs/support/publish/JS/pattern/accsoffer.js" type="text/javascript" charset="utf-8"></script> <div id="apd-aria-live-region" aria-live="polite" role="status" class="a11y"></div> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10