Skip to main content

Apple updates OS X Mavericks, Safari and other products

Summary: In addition to Mavericks 10.9.5, the company released updates for earlier OS X versions, multiple new versions of Safari, and patches for Xcode, OS X Server and Apple TV.

In addition to the large list of vulnerabilities fixed in iOS 8, Apple has released new versions of many other products to fix many other vulnerabilities. 

iOS 8 fixed 53 vulnerabilities in earlier versions. The other new versions — OS X Mavericks 10.9.5; Security Update 2014-004; Safari 6.1.6, 7.0.6, 6.2 and 7.2; Xcode 6.0.1; OS X Server 2.2.3 and 3.2.1; and Apple TV 7 — fix another 53.

Many of the fixes in OS X Mavericks 10.9.5 and Security Update 2014-004 are problems with common open source programs which the average user might not use. Among these are Apache mod_php, Ruby and QT Media Foundation. But several are serious, especially the bugs in the Intel Graphics Driver, IOAcceleratorFamily and Libnotify, one of which allows a malicious application to execute arbitrary code with root privileges. This is a very critical update for Mac users. All of the bugs fixed in Apple TV were among those fixed in OS X.

Apple adds that the new version of Mavericks "[f]ixes an issue with group membership in large network groups, that also might prevent administrators from performing some administrative tasks successfully" and "[a]llows for faster authentication when roaming on 802.1x networks which use EAP-TLS." Mavericks 10.9.5 also includes Safari 7.0.6, about which more below.

Nearly all the flaws fixed in Safari 6.1.6, 6.2, 7.0.6 and 7.2 are memory corruption bugs in the WebKit browser engine which could allow remote code execution. The others are information disclosure bugs. XCode 6.0.1 stops a potential crash bug in Apache Subversion, a revision control system.

OS X Server 2.2.3 and 3.2.1 both fix a SQL injection bug which could allow an attacker to run arbitrary SQL queries. Version 3.2.1 also fixes a JavaScript injection bug and multiple critical bugs in PostgreSQL.

As with the iOS 8 fixes, Ian Beer of Google Project Zero was the greatest contributor to these security disclosures.

Reference :- https://bitly.com/1qigtsS

Comments

Popular posts from this blog

Intel Unveils A Trio Of New Mobile Chips: Atom x3, x5, and x7 - Coming To Phones, Tablets, And Other Stuff

This week at MWC, Intel revealed its 2015 and 2016 mobile chipset lineup, as well as the fact that the company is adopting a similar naming scheme to its Core line of processors with these new chips. They've been dubbed x3, x5, and x7, and as with the Core processors, bigger is generally better. Intel has long been something of a dark horse in the mobile industry. The company has seen negligible penetration in smartphones to date (though not  none ) and competes almost exclusively in the low to mid-range segment in Android tablets. Of course, as the ultraportable market changes and small, super-thin laptops and convertibles become more common, Intel is swooping in with design wins left and right, keeping the likes of Qualcomm, NVIDIA, MediaTek, and Samsung out of a lucrative market. The Ultrabook swing was a huge help to Intel, a beacon of hope as the world's top chipmaker failed to break into mobile. While Intel struggled to foist itself into a viable position in the ...

Game Of Thrones Game Leads Into Season 5

Telltale Games has kept their Game of Thrones project under tight wraps over the past year. On Tuesday, they finally shed some light on the adventure game based on the HBO show. Game of Thrones: A Telltale Games Series stars House Forrester. They appeared in George R. R. Martin's novel A Dance with Dragons but haven't been seen in the TV show yet. The Forresters reside in the Wolfswood in northern Westeros. Their stronghold of Ironrath has stood at the edge of Westeros' largest ironwood forest for fifteen hundred years. "Ironrath is a testament to the strength and endurance of Ironwood," Telltale explains . "The Forrester house words are 'Iron from Ice', which echoes their belief that - like the ironwood itself - the adverse conditions and unforgiving landscape of the North only makes them stronger." Like their bannermen at House Glover, the Forresters are loyal allies of the Starks. This puts them right in the middle of the War ...

HTTPS As A Ranking Signal

Security is a top priority for Google. They invest a lot in making sure that their services use industry-leading security, like strongHTTPS encryption by defaul t. That means that people using Search, Gmail and Google Drive, for example, automatically have a secure connection to Google. Beyond their own stuff, they are also working to make the Internet safer more broadly. A big part of this is, they are making sure that websites people access from Google are secure. For instance, they have created resources to help webmasters prevent and fix security breaches on their sites. They want to go even further. At Google I/O a few months ago, They called for “ HTTPS everywhere ” on the web. They have also seen more and more webmasters adopting HTTPS (also known as HTTP over TLS , or Transport Layer Security), on their website, which is encouraging. For these reasons, over the past few months they have been running tests taking into account whether sites use secure, en...