Apple has posted updates to address major security vulnerabilities in its OS X Lion, Mountain Lion and Safari releases.
The company said that the update would
include both fixes for its trademark desktop operating system and its
browser which will patch a number of security vulnerabilities which can
be remotely targeted by attackers.
Among the fixes include updates for
remote code execution vulnerabilities as well as patches to address
cross-site scripting and denial of service errors.
For OS X, the update includes remote code
execution patches for issues ranging form the handling of network
messages to movie files and a flaw which could allow for the FileVault
security component to be remotely disabled. The update also includes
fixes for the OpenSSL component and the QuckTime media player component.
For Safari, the update will include more
than two dozen security updates to fix security holes in both the
browser itself and its WebKit engine.
The company said that the browser update
includes fixes for cross-site scripting attacks which could allow an
attacker to remotely send users to a hostile web page as well as memory
corruption issues which could allow an attacker to execute code on a
targeted system.
Apple did not mention any reports of attacks on the vulnerabilities in the wild.
Users can obtain the update through Apple's Software Update utility on OS X systems or through the company's download site.
No comments:
Post a Comment