Skip to main content

Apple updates OS X Mavericks, Safari and other products

Summary: In addition to Mavericks 10.9.5, the company released updates for earlier OS X versions, multiple new versions of Safari, and patches for Xcode, OS X Server and Apple TV.

In addition to the large list of vulnerabilities fixed in iOS 8, Apple has released new versions of many other products to fix many other vulnerabilities. 

iOS 8 fixed 53 vulnerabilities in earlier versions. The other new versions — OS X Mavericks 10.9.5; Security Update 2014-004; Safari 6.1.6, 7.0.6, 6.2 and 7.2; Xcode 6.0.1; OS X Server 2.2.3 and 3.2.1; and Apple TV 7 — fix another 53.

Many of the fixes in OS X Mavericks 10.9.5 and Security Update 2014-004 are problems with common open source programs which the average user might not use. Among these are Apache mod_php, Ruby and QT Media Foundation. But several are serious, especially the bugs in the Intel Graphics Driver, IOAcceleratorFamily and Libnotify, one of which allows a malicious application to execute arbitrary code with root privileges. This is a very critical update for Mac users. All of the bugs fixed in Apple TV were among those fixed in OS X.

Apple adds that the new version of Mavericks "[f]ixes an issue with group membership in large network groups, that also might prevent administrators from performing some administrative tasks successfully" and "[a]llows for faster authentication when roaming on 802.1x networks which use EAP-TLS." Mavericks 10.9.5 also includes Safari 7.0.6, about which more below.

Nearly all the flaws fixed in Safari 6.1.6, 6.2, 7.0.6 and 7.2 are memory corruption bugs in the WebKit browser engine which could allow remote code execution. The others are information disclosure bugs. XCode 6.0.1 stops a potential crash bug in Apache Subversion, a revision control system.

OS X Server 2.2.3 and 3.2.1 both fix a SQL injection bug which could allow an attacker to run arbitrary SQL queries. Version 3.2.1 also fixes a JavaScript injection bug and multiple critical bugs in PostgreSQL.

As with the iOS 8 fixes, Ian Beer of Google Project Zero was the greatest contributor to these security disclosures.

Reference :- https://bitly.com/1qigtsS

Popular posts from this blog

5 More Killer Firefox Addons for Designers

If you compare the way you use your computer today with how you used it, let’s say 10 years ago, you will probably notice a big difference, even if you essentially still do the same tasks with it. Applications replace Software and Add-Ons replace Stand Alone Programs.

It’s obvious, we are doing a majority of our work in our browser. Even designers can utilize free photoshop alternatives which are completely web based, without ever leaving their beloved browser. Extensions and Add-Ons enhance this experience also, by turning your web browser into a real hub. Mozilla Firefox is one of the browsers which can offer you very powerful assets of tools, if it’s used right.

Whether if it’s Web Design, UX, UI, Typography or anything else; some of Mozilla’s Firefox Web Browser’s strong points lie in it’s broad selection of available add-ons. Apart from the must have add-ons as the Web Developer Toolbar by Chris Pederick , and Firebug by Joe Hewitt, there are a lot of other little tools which ca…

BlackBerry Partners with Samsung: BES12-Knox Team-up is Good News for Security of Android

(Photo : Kārlis Dambrāns)

BlackBerry has a pleasant surprise for Android users: a partnership with Samsung will bring better Android security by coupling its BlackBerry Enterprise Server (BES) 12 mobility management platform with Samsung's business-centered Knox security system.

In a move that raised eyebrows, BlackBerry CEO John Chen announced at the company's enterprise event in San Francisco on Nov. 13 that it is working with Samsung, the very company that brought the Canadian smartphone maker to its knees, to deliver more secure mobility solutions for enterprises running on Android.

The partnership will provide Samsung's business clients using its Knox suite of secure work applications with an additional layer of security by having Knox run on BlackBerry's BES12 server.

"People probably didn't expect to see these two companies on the same stage, at least not willingly," says John Sims, BlackBerry's head of enterprises services. "We need to be abl…

Taylor Swift Unhappy After Princeton Review Misquotes Her Lyrics in SAT Test Paper

The popstar of several multi-million dollar hits and multi-million dollarlegs, Taylor Swift is not one to be messed with. The Princeton Review found that out the hard way after they published Tay Tay's lyrics as an example of bad grammar on a SAT practice test.

To be fair, they were trying to make the point that pop songs are where grammar goes to die and also cited other pop singers such as Katy Perry, Justin Timberlake, Lady Gaga and Kesha.

The fiercely loyal Tay Tay fans were not likely to let this go by and Tumblr user Nava who was apparently having ' an amazing time studying for SAT' when she spotted this, posted a snapshot with the caption, " .... it isn't a pop song it's a country pop song so take that Princeton review Taylor is grammar queen so shhhhhh.."


Source

Unluckily for the Princeton Review however they misquoted the lyrics of the song Fifteen. The question paper wanted students to grammatically correct, "Somebody tells you they love you, …