toggle

AAPL Stock: 102.25 ( + 0.12 )

Printed from http://www.macnn.com

Security update for Lion, Lion Server, Mountain Lion issued

updated 06:06 pm EDT, Wed July 2, 2014

Addresses numerous flaws, bugs already addressed in Mavericks 10.9.4

Alongside the release of OS X 10.9.4 Mavericks for newer Macs, Apple has also releases security-oriented updates for OS X 10.7.x (Lion), the server version of Lion, and for 10.8.x Mountain Lion. The vulnerabilities patched for all three versions include an update to the certificate trust policy, a flaw in the "copyfile" command, and an issue with the Dock that could allow apps to circumvent the sandboxing restrictions. Numerous other discovered potential security vulnerabilities were also addressed.

Issues that were shared with both Mountain Lion and Mavericks up to 10.9.3 included a flaw in the graphics drivers system that allowed users to read the contents of kernel memory, as well as a validation issue regarding OpenGL by the Intel graphics driver. Similar issues were addressed with Intel Compute and the IO Accelerator Family. In addition, a flaw was discovered by an Adium researcher in the secure transport mechanism and addressed. Many of the issues fixed were uncovered by Ian Beer of Google Project Zero.

OS X 10.9.4, released on Monday, addressed any overlapping security issues covered in the Lion, Lion Server and Mountain Lion updates, as well as addressing a handful of new issues. Among the flaws fixed in 10.9.4 were a vulnerability in curl that could allow access to another user's session; an iBooks Commerce flaw that could conceivably have allowed an attacker with system access to read login credentials; bugs that could allow local users to bypass address space randomization in the IOGraphics Family; an IOReporting glitch that could cause a spontaneous restart; various flaws in launchd; a bug in Keychain that sometimes disallowed keystrokes, and a security issue in Thunderbolt.

Users can update their systems by launching Software Update, where they will see the appropriate security update available for their OS version. For Mavericks owners, updating to 10.9.4 includes all the patches to fix the issues present in 10.9.0-10.9.3. The updates are free for all users.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. Marauder

    Fresh-Faced Recruit

    Joined: 11-15-09

    Looks like the end of support for Snow Leopard then, pretty good that they kept up Security Updates for so long tho.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Life n Soul 8 Driver Bluetooth headphones

When it comes to music on the go, consumers generally have some options to consider when looking for the best experience. While Blueto ...

Pure Jongo T2 wireless speaker

Multi-room audio compatibility is a key metric for wireless sound systems these days. The entry cost into a house-spanning system can ...

toggle

Most Commented