Skip to main content

Apple updates OS X Mavericks, Safari and other products

Summary: In addition to Mavericks 10.9.5, the company released updates for earlier OS X versions, multiple new versions of Safari, and patches for Xcode, OS X Server and Apple TV.

In addition to the large list of vulnerabilities fixed in iOS 8, Apple has released new versions of many other products to fix many other vulnerabilities. 

iOS 8 fixed 53 vulnerabilities in earlier versions. The other new versions — OS X Mavericks 10.9.5; Security Update 2014-004; Safari 6.1.6, 7.0.6, 6.2 and 7.2; Xcode 6.0.1; OS X Server 2.2.3 and 3.2.1; and Apple TV 7 — fix another 53.

Many of the fixes in OS X Mavericks 10.9.5 and Security Update 2014-004 are problems with common open source programs which the average user might not use. Among these are Apache mod_php, Ruby and QT Media Foundation. But several are serious, especially the bugs in the Intel Graphics Driver, IOAcceleratorFamily and Libnotify, one of which allows a malicious application to execute arbitrary code with root privileges. This is a very critical update for Mac users. All of the bugs fixed in Apple TV were among those fixed in OS X.

Apple adds that the new version of Mavericks "[f]ixes an issue with group membership in large network groups, that also might prevent administrators from performing some administrative tasks successfully" and "[a]llows for faster authentication when roaming on 802.1x networks which use EAP-TLS." Mavericks 10.9.5 also includes Safari 7.0.6, about which more below.

Nearly all the flaws fixed in Safari 6.1.6, 6.2, 7.0.6 and 7.2 are memory corruption bugs in the WebKit browser engine which could allow remote code execution. The others are information disclosure bugs. XCode 6.0.1 stops a potential crash bug in Apache Subversion, a revision control system.

OS X Server 2.2.3 and 3.2.1 both fix a SQL injection bug which could allow an attacker to run arbitrary SQL queries. Version 3.2.1 also fixes a JavaScript injection bug and multiple critical bugs in PostgreSQL.

As with the iOS 8 fixes, Ian Beer of Google Project Zero was the greatest contributor to these security disclosures.

Reference :- https://bitly.com/1qigtsS

Popular posts from this blog

Watch out WhatsApp: Google may be launching a free messaging app very soon

Software giant Google Inc plans to launch a mobile messaging app it is likely to test in India and other emerging markets, the Economic Times reported on Friday, citing sources.

If launched, the mobile app will compete in the mobile chat space with the likes of WhatsApp, Line and Hike.

The daily said Google was in the early stages of development of the app, which will not make it mandatory to use a Google login. Moreover, unlike WhatsApp, where users have to pay Rs 53 annually after one year of usage, Google's messaging app will be free.

The Mountain View, California-based company is also looking at localisation, by adding Indian language support and voice-to-text messaging, the newspaper said.

A Google spokeswoman said the company did not comment on speculation.

Source:- http://bit.ly/1xIZHMs

Ariana Grande Posted a video on Instagram

Assassin’s Creed Unity: Time Anomaly Trailer Sheds New Light on Contemporary Subplot

Earlier this week, Ubisoft quietly dropped another new trailer for Assassin’s Creed Unity. The Time Anomaly trailer gave players their first hint at the contemporary storyline that will carry over into the game. In the previous games, Desmond Miles was plugged into the Animus, which detected the “genetic memories” of his ancestors. Desmond Miles is out of the picture, so the main franchise story will likely move in the direction of another character’s bloodline. The previous games featured the ancestors of Desmond Miles, and Arno Dorian is not Desmond’s ancestor. The brand new trailer offers the first look at the present-day timeline. It appears that the stakes of using the Animus have changed. The Time Anomaly trailer offers some exciting new wrinkles for the Assassin’s Creed unity storyline.
The voice of an unknown female character warns an unnamed Assassin that the French Revolution simulation is collapsing. The Assassin is likely the main player or character and the descendant of A…