CVE-2020 - 9973 , a problem touch the Model I / O parcel , is one of the security measure hole . Apple believe that overwork the microbe , which demand work on a malicious USD file , could guide to the writ of execution of arbitrary code or a coif express . This flaw , reported by a Cisco Talos research worker to Apple , impress all macOS interlingual rendition and was as well patched on Io and iPadOS other this calendar month with the unveiling of translation 14 . CVE-2020 - 9968 , a sandbox hemipterous insect that can be abuse by a malicious syllabus to get at limit Indian file , is another flaw that feign all macOS rendering and which Apple already restore in iOS 14 and iPadOS 14 before this calendar month . TrustedSec ‘s Adam Chester has been praise with transport it to Apple . An arbitrary code slaying fault which can be mistreated victimization malicious trope data file has already been spotty by the technical school elephantine . The ImageIO component part in macOS High Sierra and Mojave is touched by this job , key out by Xingwei Lin of Ant Group Light - Year Security Lab . The one-quarter hemipteron prepare in macOS this calendar week , which simply dissemble High Sierra , bear on the Mail component and will reason a remote control intruder to “ unexpectedly alter the coating express . ” researcher from the FH Münster University of Applied Sciences in Germany find the defect . This calendar week , iCloud for Windows was promote to variation 11.4 . The New update resolve a blemish in crisscross - land site script ( XSS ) . This workweek , Apple as well relinquish update to iOS 14 , watchOS 7 and tvOS 14 , but read no exposure are direct .