Wednesday, 5 June 2013

Apple posts security update for OS X and Safari flaws

Apple logo
Apple has posted updates to address major security vulnerabilities in its OS X Lion, Mountain Lion and Safari releases.
The company said that the update would include both fixes for its trademark desktop operating system and its browser which will patch a number of security vulnerabilities which can be remotely targeted by attackers.
Among the fixes include updates for remote code execution vulnerabilities as well as patches to address cross-site scripting and denial of service errors.
For OS X, the update includes remote code execution patches for issues ranging form the handling of network messages to movie files and a flaw which could allow for the FileVault security component to be remotely disabled. The update also includes fixes for the OpenSSL component and the QuckTime media player component.
For Safari, the update will include more than two dozen security updates to fix security holes in both the browser itself and its WebKit engine.
The company said that the browser update includes fixes for cross-site scripting attacks which could allow an attacker to remotely send users to a hostile web page as well as memory corruption issues which could allow an attacker to execute code on a targeted system.
Apple did not mention any reports of attacks on the vulnerabilities in the wild.
Users can obtain the update through Apple's Software Update utility on OS X systems or through the company's download site.

No comments:

Post a Comment