September 15 - 10:10pm EDT
Apple on Monday unveiled Security Update 2008-006, detailing the various security fixes patched between it and the Mac OS X 10.5.5 update. The updates both resolve a vast number of issues, mostly relating to the remote execution of arbitrary code, many issues resolved were related to performance and password security. Several vulnerabilities could have allowed malicious users to gain access to a list of authenticated users, or to change the password of an unattended station through the login screen. [full story]
June 19 - 9:50pm EDT
Apple on Thursday unveiled a new security update rolled into Safari 3.1.2 for Windows. Which offers users protection against vulnerabilities with the imaging engine, file saving, and malicious code execution. Users could have been affected by maliciously crafted BMP or GIF files, which could allow assailants to learn what is in active memory at any given time. Safari 3.1.2 for Windows is available through Apple Software Update, as well as the company's support page. [full story]
March 18 - 5:15pm EDT
Apple today unveiled Security Update 2008-002, which provides a number of fixes for several system vulnerabilities found in AFP, CUPS, AppKit, and several other system-level resources. Most of the vulnerabilities revolve around maliciously crafted URLs granting access to system-level privileges, while others allow users to bypass system security. The majority of fixes are for Mac OS X 10.4 Tiger and Tiger Server users, while some apply to the 10.5 Leopard equivalents. [full story]
February 11 - 6:00pm EST
Apple's latest Mac OS X Leopard 10.5.2 update and 2008-001 security update for 10.4 Tiger users fixes a number of different vulnerabilities that have existed in a number of different system resources. A stack buffer overflow in Directory Services could allow a local user to execute arbitrary code, while still maintaining system privileges. The issue is resolved by improved bounds checking, and is included with the update. [full story]<< first1last >>
