If you run any Apple devices (anything running OS X or iOS, such as a Mac computer, iPad, or iPhone), you will want to check your patch status.
US-CERT Current Activity: Apple Releases Security Updates
US-CERT Current Activity: Apple Releases Security Updates
added April 15, 2011 at 09:40 am
Apple has released the following security updates:
Security Update 2011-002
addresses a vulnerability in the Certificate Trust Policy for Mac OS X
v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.7, Mac OS X Sever
v10.6.7. Exploitation of this vulnerability may allow an attacker to
intercept user credentials, or obtain sensitive information.
Safari 5.0.5
addresses two vulnerabilities affecting the WebKit package.
Exploitation of these vulnerabilities may allow an attacker to execute
arbitrary code or cause a denial-of-service condition.
iOS 4.2.7 Software Update for iPhone
addresses multiple vulnerabilities affecting the Certificate Trust
Policy, QuickLook, and WebKit Packages. Exploitation of these
vulnerabilities may allow an attacker to execute arbitrary code, cause a
denial-of-service condition, intercept user credentials, or obtain
sensitive information.
iOS 4.3.2 Software Update
addresses multiple vulnerabilities affecting the Certificate Trust
Policy, libxslt, QuickLook, and WebKit. Exploitation of these
vulnerabilities may allow an attacker to execute arbitrary code, cause a
denial-of-service condition, intercept user credentials, or obtain
sensitive information, or bypass security restrictions.
US-CERT encourages users and administrators to review Apple articles HT4608, HT4596, HT4607, and HT4606 and apply any necessary updates to help mitigate the risks.
No comments:
Post a Comment