‫ Apple issues many security updates for OS X, including Lion and Mountain Lion

ID: IRCNE2014022118
Date: 2013-02-26

According to "zdnet", in addition to fixing a high-priority bug in SSL/TLS and shipping numerous feature tweaks and fixes, Apple released a large number of security fixes today to OS X, Safari and QuickTime for Windows.

There were 33 vulnerabilities patched in OS X, four in Safari and 10 in QuickTime for Windows.

Surprisingly, in addition to patching the current version OS X 10.9 (Mavericks), updates were also released for OS X 10.7.x (Lion) and OS X 10.8.x (Mountain Lion). In the time since they released Mavericks in October Apple has disclosed and but not patched dozens of vulnerabilities in Mountain Lion. This policy appears to have changed, but most of the vulnerabilities previously unpatched remain unpatched, according to Apple's disclosures.

Many of the OS X vulnerabilities are quite severe. Apple has a good deal of experience with this vulnerability having now patched it on 8 separate occasions in different programs:

The remaining vulnerabilities include many with which an attacker could execute privileged code, intercept confidential data or modify files. One vulnerability could allow an unprivileged user to change the system clock.

Four vulnerabilities were patched in Safari for Lion, Mountain Lion and Mavericks. All four are in the Webkit browser engine, and are memory corruption vulnerabilities with which an attacker could execute arbitrary code by getting the user to visit a malicious web site.

All ten vulnerabilities in QuickTime for Windows could allow remote code execution if the user plays a malicious movie file.

Related Links:

Apple promises to fix OS X encryption flaw 'very soon'



بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 7 اسفند 1392



امتیاز شما
تعداد امتیازها:0