Apple Watch leaks data

Apple has issued a slew of patches for all of its devices, among them one that quashes a flaw that means "A malicious application may be able to leak sensitive user information" from the Apple Watch. Other Watch flaws allows arbitrary code execution.

CVE-2016-1802 also impacts other iOS devices.

Apple says "An issue existed in the handling of return values in CCCrypt. This issue was addressed through improved key length management."

Two code execution problem (CVE-2016-1808 and 2016-1817) mean "An application may be able to execute arbitrary code with kernel privileges."

Other Watch flaws could create a denial of service condition.

New versions of iOS, watchOS, tvOS, MacOS, Safari and iTunes were all released today. ®