Security Fixes for Mac OS X

Monday, September 22, 2014 @ 10:09 AM gHale


On the heels of releasing an iOS update early last week, Apple released updates of products, including its operating system which addresses security fixes.

Apple released Mac OS X Mavericks 10.9.5 Thursday which fixed over 40 vulnerabilities affecting components such as PHP, Bluetooth, the CoreGraphics framework, the Intel graphics driver, the Foundation framework, IOKit, IOHIDFamily, IOAcceleratorFamily, the kernel, OpenSSL, QT Media Foundation and Ruby.

RELATED STORIES
Apple Releases iOS 8
Apple Adds iCloud Two-Step Verification
Apple Hikes iCloud Security
Hackers Target Mac OS X

The flaws can lead to arbitrary code execution, information disclosure, application termination, privilege elevation, and bypass of kernel address space layout randomization.

In August, Apple told application developers they would have to re-sign their apps if they don’t want them to end up blocked by the company’s Gatekeeper anti-malware feature. Apple said at the time they would block that applications with version 1 signatures after the release of OS X Mavericks 10.9.5. However, a developer reported apps signed with version 1 signatures still work.

Security holes patched in OS X Mavericks are the same as the ones addressed by Apple with the release of iOS 8, in which the company also fixed some “backdoors” brought to light earlier this year by a forensics specialist.

In addition to OS X Mavericks, Apple released security updates for OS X Server, the Safari Web browser, Apple TV and the Xcode development platform.

In Safari, Apple fixed several WebKit vulnerabilities and an issue that could end up exploited by an attacker with a privileged position on the network to intercept user credentials. With the release of OS X Server versions 2.2.3 and 3.2.1, the company fixed various CoreCollaboration issues.



Leave a Reply

You must be logged in to post a comment.