back to article Apple patches FREAK-ed out Watch

Apple has patched a dozen security flaws in Watch, including FREAK and two allowing arbitrary code execution. The updates cover Oracle hacker Marc Schoenefeld's arbitrary code execution which triggers (CVE-2015-1093) when the Apple Watch processes a maliciously crafted font file. It also squashes hacker Loki@ART's bug that …

  1. eSeM

    As Always ....

    Apple would again like to thank it's loyal followers for beta testing another one of their products .....

    1. Dave 126 Silver badge

      Re: As Always ....

      I'm trying to think of a platform that doesn't have security updates issued as flaws are found after release. I can only assume eSem uses some perfect OS known only to himself.

      1. Sebby

        Re: As Always ....

        In this case, though, many of the vulns were known about. Many of them have long been fixed on iOS and Mac; in fact my thought as I updated was that it was shameful how long it took them, considering the things have just been shipped.

        So yes, good point, but ...

        1. Fink-Nottle

          Re: As Always ....

          > my thought as I updated was that it was shameful how long it took them, considering the things have just been shipped.

          I suppose owning a Watch allows users to experience time differently, but to my unsophisticated mind 'the patch took too long' and 'the things have just been shipped' are mutually exclusive.

          1. Sebby

            Re: As Always ....

            >> I suppose owning a Watch allows users to experience time differently, but to my unsophisticated mind 'the patch took too long' and 'the things have just been shipped' are mutually exclusive.

            Fair point, and I did get my watch on release day, but no, these vulns should have been fixed before the thing landed on my doorstep, or at the least have been installed after I unboxed it.

        2. big_D Silver badge

          Re: As Always ....

          @Sebby I agree that the patch not being available on release day is shameful for the older, known bugs. But if the hardware had been in the manufacturing pipeline since before the bugs were known, then it is understandable that they are released unpatched.

          1. Sebby

            Re: As Always ....

            @big_D Yes, that's understandable. What I don't think I can deal with is the way that Apple does bug triage. They seem to deal with security issues in exactly the same way they deal with any other bug (i.e., painfully slowly, unless it's bad for the public image, in which case very quickly) and that's not cool IMO. I suppose this is just another symptom of that.

  2. Jamie Jones Silver badge

    Virus free!

    Apparently, there are watches out there that cost around a tenner, that are guaranteed to never get viruses. They can also accurately tell the time, and last over a year without needing charging.

    As if! Sounds like vapourware to me.

    1. frank ly
      Thumb Up

      Re: Virus free!

      Mine is a 'Limit' watch, £9.99 from some high street retailer. I buy a replacement about every two years after the battery runs out.

  3. Anonymous Coward
    Anonymous Coward

    Troll template - draft version

    Apple would again like to thank it's loyal followers for beta testing another one of their products

    Hmm. Time for a template, I think.

    Your troll sucked because (tick all that apply):

    [ ] : it lacked real, frothing-at-the-mouth outrage

    [ ] : IT DID NOT CONTAIN ENOUGH CAPITALS

    [ ] : it did not contain enough exclamation marks!!!

    [ ] : it lacked mandantorie spelinq misteaks

    [ ] : it was boring or lacked any real controversy

    [ ] : it was *way* too obvious as a troll

    [ ] ; it wasn't even amusing

    [ X ] : (lazy option) All of the above

    [ ] : other (fill in): ...........................................

    My advice:

    [ ] : don't give up the day job

    [ ] : keep trying (shows some promise)

    [ ] : use your other hand

    [ X ] : tell your mother you're sorry

    [ ] : best switch to an etch-a-sketch

    [ ] : grow up

    [ ] : get a clue

    Let the amendments begin.

    1. Paw Bokenfohr

      Re: Troll template - draft version

      Awesome.

  4. AndyJenk

    Apple's watch is not that smart

    Glad I got a real smart watch for £90. Takes a Sim card and has Android 4.4.2. It may have vulnerabilities but no more than stock KitKat. Has camera, bluetooth, GPS, motion sensor, voice input / output so it will actually TELL you the time without a tethered phone. Of course all the Android health apps etc. can be downloaded from Play Store. It is a Zgpax S8 and it works!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020