Apple watchOS 2.0.1 Rolls Out With New Emoji And Bug Fixes

Apple / Mobile / Tech / Wearables
Apple_Watch_Rose_Gold

Apple watchOS 2.0.1 started rolling out to users today with a variety of bug fixes and the new emoji characters everyone has been raving about. Included in the bug fixes are fixes for software update stalls, improved battery performance, syncing issues with Calendar, location information and other minor issues. We’ve been using the Apple Watch now for a few weeks and will have a full review coming soon and later we’ll have a comparison between Android Wear and watchOS. We’ll also have a comparison of Apple Watch, Moto 360 V2 and Huawei Watch at some point so keep an eye on that as well, in the meantime, here’s the rundown of what’s new in watchOS 2.0.1.

watchOS_2_0_1

About the security content of watchOS 2.0.1

This document describes the security content of watchOS 2.0.1.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.Where possible, CVE IDs are used to reference the vulnerabilities for further information.To learn about other security updates, see Apple security updates.

watchOS 2.0.1

  • Apple Pay
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment
    Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality. This update additionally addresses the issue for Apple Watches manufactured with watchOS 2.CVE-IDCVE-2015-5916
  • Bom
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
    Description: A file traversal vulnerability existed in the handling of CPIO archives. This issue was addressed through improved validation of metadata.CVE-IDCVE-2015-7006 : Mark Dowd at Azimuth Security
  • configd
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: A malicious application may be able to elevate privileges
    Description: A heap based buffer overflow issue existed in the DNS client library. A local user with the ability to spoof responses from the local configd service may have been able to cause arbitrary code execution in DNS clients.CVE-IDCVE-2015-7015 : PanguTeam
  • CoreGraphics
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Processing a maliciously crafted image may lead to arbitrary code execution
    Description: A memory corruption issue existed in CoreGraphics. This issue was addressed through improved memory handling.CVE-IDCVE-2015-5925 : AppleCVE-2015-5926 : Apple
  • FontParser
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Viewing a document with a maliciously crafted font may lead to arbitrary code execution
    Description: Multiple memory corruption issues existed in the handling of font files. These issues were addressed through improved bounds checking.CVE-IDCVE-2015-5927 : AppleCVE-2015-5942
  • Grand Central Dispatch
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Processing a maliciously crafted package may lead to arbitrary code execution
    Description: A memory corruption issue existed in the handling of dispatch calls. This issue was addressed through improved memory handling.CVE-IDCVE-2015-6989 : Apple
  • ImageIO
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: Viewing a maliciously crafted image file may lead to arbitrary code execution
    Description: Multiple memory corruption issues existed in the parsing of image metadata. These issues was addressed through improved metadata validation.CVE-IDCVE-2015-5935 : AppleCVE-2015-5936 : Apple

    CVE-2015-5937 : Apple

    CVE-2015-5939 : Apple

  • IOAcceleratorFamily
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: A malicious application may be able to execute arbitrary code with system privileges
    Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.CVE-IDCVE-2015-6996 : Ian Beer of Google Project Zero
  • IOHIDFamily
    Available for:
    Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
    Impact: A malicious application may be able to execute arbitrary code with kernel privileges
    Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.CVE-IDCVE-2015-6974 : Luca Todesco (@qwertyoruiop)

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.

Last Modified:
Comments
To Top