Posts tagged as:

Apple

Apple patches 58 bugs

by certifiedbug on November 11, 2009

in Internet Security

Apple patched 58 vulnerabilities in its Mac operating systems Monday. http://support.apple.com/kb/HT3937

More than half of the vulnerabilities patched today, 32 out of the 58, were accompanied by the phrase “may lead to arbitrary code execution,” which is Apple’s way of saying that a flaw was critical and could be used by attackers to hijack a Mac. Apple does not assign ratings or severity scores to the bugs it patches, unlike other major software makers, such as Microsoft and Oracle.

http://www.networkworld.com/news/2009/111009-apple-delivers-mammoth-update-patches.html

The latest Snow Leopard update kills support for the Atom processor in an attempt to prevent users from performing a “hackintosh” on their netbooks.

http://gizmodo.com/5156903/how-to-hackintosh-a-dell-mini-9-into-the-ultimate-os-x-netbook

{ 0 comments }

Apple Security updates available

by certifiedbug on September 11, 2009

in Internet Security

Apple has issued security updates for the Mac OS X operating system.
http://support.apple.com/kb/HT3865
http://support.apple.com/kb/HT3864

http://support.apple.com/downloads/

About the security content of QuickTime 7.6.4
http://support.apple.com/kb/HT3859
About the security content of iPhone OS 3.1 and iPhone OS 3.1.1 for iPod touch
http://support.apple.com/kb/HT3860

September 2nd, 2009 by Graham Cluley, Sophos.
Apple ships a known vulnerable version of Flash with Snow Leopard
Check your version of Adobe Flash is current: http://get.adobe.com/flashplayer/

{ 0 comments }

The Register: Apple looking into anti-malware protection

August 26, 2009

Apple commercials portray the Mac as an operating system free of malware threats, interesting to see this report at the Register.
“Apple sneaks malware protection into Snow Leopard
Coverage goes only so far”
http://certifiedbug.com/blog/tag/apple/

Read the full article →

Apple patches security holes in iTunes QuickTime

June 2, 2009

About the security content of iTunes 8.2
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
Fixes a stack buffer overflow.
About the security content of QuickTime 7.6.2
Fixes a number of security vulnerabilities.
Apple Security Updates

Read the full article →

Mac OS X 10.5.6 Leopard Update, users report issues

December 17, 2008

A day after the update was released via Apple’s download service, users reported problems with most centering on Operating System freezes and ‘Blue Screens of Death’.
Information Week
Ironically Apple poked fun at Windows with a Blue Screen of Death Easter Egg in the final release of Leopard.

Read the full article →

iTunes 8- connecting ipod causing BSOD on Vista

September 10, 2008

Lots of unhappy campers.
http://discussions.apple.com/thread.jspa?threadID=1701063&tstart=0
Update.
Apple reissued iTunes to fix the BSOD issue on Windows Vista due to iTunes buggy drivers. Article: TS2280
However there are now two different versions of software and drivers named version 8, the buggy one and the ‘update’ using older editions from July.
If you were one of those affected, you will need to [...]

Read the full article →

Safari update fixes “carpet bomb”

June 21, 2008

Apple had previously said that the vunerability, found by security consultant Nitesh Dhanjani and dubbed the”carpet bombing” bug, would not be treated as a security issue, but rather filed as an enhancement request.
Certifiedbug: Apple’s Safari Carpet Bomb
A second researcher, Aviv Raff, found a way to execute files on the desktop without notifying the user.
Safari pwns [...]

Read the full article →

Apple’s Safari Carpet Bomb

May 15, 2008

Nitesh Dhanjani released his research on issues within Apple’s Safari browser today.
Apprantly Apple has decided not to fix two of the issues and gave Dhanjani permission to discuss them with the security community.
1. Safari Carpet Bomb. It is possible for a rogue website to litter the user’s Desktop (Windows) or Downloads directory (~/Downloads/ in OSX). [...]

Read the full article →

Apple Safari 3.1 for Windows, new vulnerabilities

March 25, 2008

Apple
Engineers designed Safari to be secure from day one.
Secunia Advisory: SA29483
Release Date: 2008-03-24
Safari Address Bar Spoofing and Memory Corruption Vulnerabilities
Highly critical
Impact: Spoofing
System access
Where: From remote
Solution Status: Unpatched
Description:
Juan Pablo Lopez Yacubian has discovered two vulnerabilities in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user’s system.
1) An error [...]

Read the full article →

Say what?

March 23, 2008

Joe Wilcox Too Much Safari 3.1 Nonsense
Every developer shipping updaters should follow Apple’s approach. Are you listening Adobe?
You have got to be kidding, suggesting Adobe listen up and push more crud our way?
February 28, 2008.
PayPal warns: Steer clear of Apple’s Safari browser

Read the full article →

← Previous Entries