|
Apple has released updates for several Apple products including OS X Lion (10.7.2), Snow Leopard (Security Update 2011-006), Apple iOS (5), Numbers for iOS (1.5) and Pages for IOS (1.5) to address multiple security issues. The update will fix about 75 vulnerabilities for OS X 10.6. These vulnerabilities can be exploited to cause execution of arbitrary code and lead to denial of service conditions. The vulnerabilities reported are as follows:
- Improper storage and handling of web cookies.
- File Vault 2 leaving 250MB of unencrypted data accessible if system used before encrypting.
- Screen lock password bypass for Cinema Display users.
- Firewire DMA access allowed password recovery during boot/shutdown.
- Open Directory flaws allowed reading other users password hashes.
- Open Directory flaws in OS X Lion that allowed changing password without old. password
- Open Directory flaws in OS X Lion that allowed logging in without a password.
For
more information, visit the following links:
http://nakedsecurity.sophos.com/2011/10/12/apple-releases
Source:
Naked Security Sophos
http://nakedsecurity.sophos.com
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
|
