PatchSiren cyber security CVE debrief

CVE-2016-4667 Apple CVE debrief

CVE-2016-4667 is an Apple macOS vulnerability in the ATS component affecting versions before 10.12.1. According to NVD, a crafted font can trigger memory corruption, which may lead to remote code execution or a denial of service through an application crash. The issue was publicly disclosed on 2017-02-20 and is rated HIGH with a CVSS 3.0 score of 8.8.

Vendor: Apple
Product: macOS (ATS component)
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-20
Original CVE updated: 2026-05-13
Advisory published: 2017-02-20
Advisory updated: 2026-05-13

Who should care

macOS administrators, endpoint security teams, and users or services that process untrusted fonts or documents should pay attention, especially on systems still running macOS 10.12.0 or earlier.

Technical summary

NVD identifies the weakness as CWE-119 and lists macOS versions up to 10.12.0 as vulnerable. The attack vector is network-based but requires user interaction, consistent with a crafted font being opened or processed by the ATS component. Impact is described as memory corruption that can result in arbitrary code execution or an application crash. Apple’s vendor advisory is referenced in the NVD record as support.apple.com/HT207275.

Defensive priority

High. The combination of remote attack potential, code-execution impact, and a high CVSS score makes this a priority remediation item for any remaining pre-10.12.1 macOS systems.

Recommended defensive actions

  • Upgrade affected macOS systems to 10.12.1 or later, or the newest supported Apple release available.
  • Verify no endpoints remain on macOS 10.12.0 or earlier using asset inventory and compliance checks.
  • Treat untrusted font files and documents as risky inputs on affected systems until patched.
  • Use Apple’s vendor advisory and related references to confirm the appropriate remediation path for your environment.
  • If patching is delayed, restrict exposure of vulnerable systems to untrusted content sources as much as possible.
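The inventory check in the second action above, written out as an added example (not part of the debrief, Apple's advisory or the NVD record). It compares the host's `sw_vers -productVersion` output against the 10.12.1 fix threshold stated in this debrief; the comparison function takes a version string so it can be tested off-host, and it assumes plain dotted numeric version strings.

```shell
#!/bin/sh
# CVE-2016-4667 compliance check: flags macOS releases earlier than 10.12.1.
# Added example for this debrief; assumes Apple's `sw_vers` is present on the
# host being checked and that versions are plain dotted numerics (e.g. 10.12.0).

FIXED_VERSION="10.12.1"   # first release in the NVD scope that is not affected

# version_lt A B -> status 0 if dotted version A is lower than B, 1 if not,
# 2 if either argument is not a dotted numeric. Missing parts count as 0.
version_lt() {
    for v in "$1" "$2"; do
        case "$v" in ''|*[!0-9.]*) echo "bad version: '$v'" >&2; return 2 ;; esac
    done
    IFS=. read -r a1 a2 a3 rest <<EOF
$1
EOF
    IFS=. read -r b1 b2 b3 rest <<EOF
$2
EOF
    a1=${a1:-0}; a2=${a2:-0}; a3=${a3:-0}
    b1=${b1:-0}; b2=${b2:-0}; b3=${b3:-0}
    [ "$a1" -lt "$b1" ] && return 0
    [ "$a1" -gt "$b1" ] && return 1
    [ "$a2" -lt "$b2" ] && return 0
    [ "$a2" -gt "$b2" ] && return 1
    [ "$a3" -lt "$b3" ]
}

# cve_2016_4667_vulnerable VERSION -> status 0 if VERSION predates the fix.
cve_2016_4667_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# Report on the local host; meant to run from an MDM or compliance agent.
# Non-macOS hosts are skipped rather than reported as non-compliant.
check_local_host() {
    if ! command -v sw_vers >/dev/null 2>&1; then
        echo "SKIP: sw_vers not found, not a macOS host"; return 0
    fi
    ver=$(sw_vers -productVersion)
    if cve_2016_4667_vulnerable "$ver"; then
        echo "NONCOMPLIANT: macOS $ver predates $FIXED_VERSION (CVE-2016-4667)"; return 1
    fi
    echo "OK: macOS $ver is at or above $FIXED_VERSION"
}

# Run the host check only when invoked as `sh check.sh --run`.
if [ "${1-}" = "--run" ]; then check_local_host; exit $?; fi
```

The non-zero exit from `check_local_host` lets an agent treat the host as failing the compliance rule without parsing the message.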

Evidence notes

All core claims in this debrief come from the supplied NVD record: affected product scope (macOS through 10.12.0), vulnerability type (ATS memory corruption), impact (arbitrary code execution or denial of service via crafted font), CVSS 3.0 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), and weakness classification (CWE-119). Apple’s support.apple.com/HT207275 advisory is listed by NVD as a vendor reference, but no direct advisory text was provided in the source corpus.

Official resources

Publicly disclosed on 2017-02-20; later modified in the source database on 2026-05-13. The debrief uses the CVE publication date for disclosure timing.