Apple Releases Slew of Security Updates (OSX, Safari, iTunes, iOS 5, aTV)
I wasn’t going to post about last week’s fairly significant iTunes update, but then Apple went and patched a whole bunch of vulnerabilities across the board. Some of these are fairly significant so I thought I would provide a short breakdown of the changes. Either way, you should definitely be patching all of your Apple devices and software tonight.
Hit the jump for a summary of the key vulnerabilities patched in Apple’s security updates.
Mac OS X 10.7.2 (and Security Update 2011-006 for Mac OS X 10.6.8)
- Fixed issue allowing changing of user password without existing password and recovering user password hashes
- Fixed issue allowing login without credentials when using Open Directory
- Fix to FileVault 2 where 250MB of data at start of volume was left unencrypted
- Updates to the certificate trust policy (more changes from last update)
- Fix issue in Kernel allowing attacker with physical access to recover user password through FireWire
- Disk images (.dmg) and installer packages (.pkg) removed from “safe” file types
- Snow Leopard Only: Fix for a screen lock bypass for Cinema Display users
- Various fixes to QuickTime and other ‘malicious file’ handling issues
Safari 5.1.1
- Fixes a major issue that allowed a website to remotely launch binaries and execute commands on the local system
- Fixes an issue allowing malicious javascript to be executed in the context of an installed Safari extension
- Fixes numerous WebKit vulnerabilities that could result in arbitrary code execution
- Viewing maliciously-crafted Microsoft Office documents may lead to arbitrary code execution
iOS 5
- Fixes issue where an attacker may intercept credentials to a CalDAV server
- Fixes issue where iOS applications could access the user’s AppleID credentials that were logged to a file
- Removal of DigiNotar Root CA certificate
- SSL certificates signed using MD5 algorithm no longer trusted except for Root CA certificates
- Addition of TLSv1.2 to help prevent BEAST-style SSL attacks
- Parental controls password was stored in a plaintext file that could be accessed by applications
- Numerous (69) WebKit fixes, some of which may result in arbitrary code execution
- WiFi passwords were stored in a plaintext file that could be accessed by applications
iOS ‘Pages‘ and ‘Numbers‘ versions 1.5
- Fixed a memory corruption vulnerability with Microsoft Word and Excel documents that could lead to arbitrary code execution
iTunes 10.5
- iTunes no longer requires the installation of QuickTime on Windows
- Fixes a number of arbitrary code execution vulnerabilities already patched in Mac OS X 10.6.8 or 10.7.2
Apple TV 4.4