Jump to content


Photo

Apple Mac OS X updates


  • Please log in to reply
160 replies to this topic

#151 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 24 April 2014 - 04:18 PM

FYI...

iOS 7.1.1
- http://support.apple.com/kb/HT6208
Apr 22, 2014 - iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
- https://secunia.com/advisories/58140/

OSX Security Update 2014-002
- http://support.apple.com/kb/HT6207
Apr 22, 2014 - OS X Lion v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2
- https://secunia.com/advisories/58081/

AirPort Base Station Firmware Update 7.7.3
- http://support.apple.com/kb/HT6203
Apr 22, 2014 - AirPort Extreme and AirPort Time Capsule base stations with 802.11ac
- https://secunia.com/advisories/58142/

- http://support.apple.com/kb/HT1222
 

:ph34r: :ph34r:


This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#152 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 19 May 2014 - 05:56 AM

FYI...

iTunes 11.2 released
- http://support.apple.com/kb/HT6245
May 15, 2014
- https://www.apple.com/itunes/download/
iTunes 11.2 for XP, Vista or Win7

Apple Security Update 2014-002 released
- http://support.apple.com/kb/HT6207
May 8, 2014

- http://support.apple.com/kb/HT6246
May 15, 2014
___

OS X Mavericks:
Users folder isn't visible after updating to iTunes 11.2
- http://support.apple.com/kb/TS5434
May 17, 2014
... Resolution: Update to iTunes 11.2.1 or later

- http://isc.sans.edu/...l?storyid=18135
Last Updated: 2014-05-17 15:24:06 UTC

- http://www.securityt....com/id/1030255
CVE Reference: https://web.nvd.nist...d=CVE-2014-1347 - 4.4
May 18 2014
Impact: Modification of system information, Modification of user information, Root access via local system, User access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes ...
Solution: The vendor has issued a fix (11.2.1).  
Vendor URL: http://support.apple.com/kb/HT6251
___

OS X Server 3.1.2 / APPLE-SA-2014-15-20-1:
- http://support.apple.com/kb/HT6248
May 20, 2014
- https://web.nvd.nist...d=CVE-2013-4164 - 6.8 (HIGH)
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 21 May 2014 - 08:00 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#153 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 22 May 2014 - 09:50 AM

FYI...

Safari 6.1.4, 7.0.4 released
- http://support.apple.com/kb/HT6254
May 21, 2014

- http://support.apple.com/kb/HT1222

- http://www.securityt....com/id/1030269
CVE Reference: CVE-2013-2875, CVE-2014-1323, CVE-2014-1324, CVE-2014-1326, CVE-2014-1327, CVE-2014-1329, CVE-2014-1330, CVE-2014-1331, CVE-2014-1333, CVE-2014-1334, CVE-2014-1335, CVE-2014-1336, CVE-2014-1337, CVE-2014-1338, CVE-2014-1339, CVE-2014-1341, CVE-2014-1342, CVE-2014-1343, CVE-2014-1344, CVE-2014-1731, CVE-2014-1346
May 22 2014
Impact: Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 6.1.4, 7.0.4 ...
Solution: The vendor has issued a fix (6.1.4, 7.0.4).
The vendor's advisory is available at:
- http://support.apple.com/kb/HT6254
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 22 May 2014 - 09:57 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#154 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 01 July 2014 - 02:18 PM

FYI...

OS X 10.9.4 / Security Update 2014-003
- https://support.apple.com/kb/HT6296
Jun 30, 2014
- http://www.securityt....com/id/1030505
CVE Reference: CVE-2014-1317, CVE-2014-1370, CVE-2014-1371, CVE-2014-1372, CVE-2014-1373, CVE-2014-1375, CVE-2014-1376, CVE-2014-1377, CVE-2014-1378, CVE-2014-1379, CVE-2014-1380, CVE-2014-1381

Safari 6.1.5 / 7.0.5
- https://support.apple.com/kb/HT6293
Jun 30, 2014
- http://www.securityt....com/id/1030495
CVE Reference: CVE-2014-1325, CVE-2014-1340, CVE-2014-1345, CVE-2014-1362, CVE-2014-1363, CVE-2014-1364, CVE-2014-1365, CVE-2014-1366, CVE-2014-1367, CVE-2014-1368, CVE-2014-1369, CVE-2014-1382

iOS 7.1.2
- http://support.apple.com/kb/HT6297
Jun 30, 2014
- http://www.securityt....com/id/1030500
CVE Reference: CVE-2014-1348, CVE-2014-1349, CVE-2014-1350, CVE-2014-1351, CVE-2014-1352, CVE-2014-1353, CVE-2014-1354, CVE-2014-1355, CVE-2014-1356, CVE-2014-1357, CVE-2014-1358, CVE-2014-1359, CVE-2014-1360, CVE-2014-1361
- http://support.apple.com/kb/HT4623

Apple TV 6.2
- http://support.apple.com/kb/HT6298
Jun 30, 2014
- http://www.securityt....com/id/1030503
CVE Reference: CVE-2014-1383
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 02 July 2014 - 11:08 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#155 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 11 July 2014 - 09:59 AM

FYI...

OS X / Safari - Flash Player updates available
- http://support.apple.com/kb/HT5655
July 10, 2014 - "... If the version of Adobe Flash plug-in you are using is out of date, you may see the message, "Blocked plug-in", "Flash Security Alert” or "Flash out-of-date" when attempting to view Flash content in Safari. Clicking the indicator displays an alert, "Adobe Flash Player is out-of-date."
In order to use Adobe Flash you need to update to a later version:
- Click the Download Flash button.
- Safari opens Adobe Flash Player installer page on the Adobe website.
- Click the Download now button on the Adobe website to download the latest Adobe Flash Player installer.
- After the download completes, open the downloaded disk image (usually located in your Downloads folder) if it does not open automatically.
    In the window that appears, open the installer and follow the onscreen instructions.
Note: If you need to run an older version of Flash, you can use web plug-in management* to re-enable it for specific websites using "Run in Unsafe Mode" (??) in Safari 6.1 or later..."
* http://support.apple.com/kb/HT5954
 

:ph34r: :ph34r:


This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#156 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 13 August 2014 - 07:06 PM

FYI...

Safari 6.1.6, 7.0.6 released
- http://support.apple.com/kb/HT6367
Aug 13, 2014
Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling...
___

- http://www.securityt....com/id/1030731
CVE Reference: CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390
Aug 14 2014
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 6.1.6, 7.0.6 ...
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (6.1.6, 7.0.6)...
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 14 August 2014 - 04:43 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#157 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 17 September 2014 - 10:15 PM

FYI...

iOS 8 released
- http://www.securityt....com/id/1030866
CVE Reference: CVE-2014-4352, CVE-2014-4353, CVE-2014-4354, CVE-2014-4356, CVE-2014-4357, CVE-2014-4361, CVE-2014-4362, CVE-2014-4363, CVE-2014-4364, CVE-2014-4366, CVE-2014-4367, CVE-2014-4368, CVE-2014-4369, CVE-2014-4371, CVE-2014-4372, CVE-2014-4373, CVE-2014-4374, CVE-2014-4375, CVE-2014-4377, CVE-2014-4378, CVE-2014-4379, CVE-2014-4380, CVE-2014-4381, CVE-2014-4383, CVE-2014-4384, CVE-2014-4386, CVE-2014-4388, CVE-2014-4389, CVE-2014-4404, CVE-2014-4405, CVE-2014-4407, CVE-2014-4408, CVE-2014-4409, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415, CVE-2014-4418, CVE-2014-4419, CVE-2014-4420, CVE-2014-4421, CVE-2014-4422, CVE-2014-4423
Sep 18 2014
Impact: Denial of service via local system, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 8.0 ...
Solution: The vendor has issued a fix (8.0).
The vendor's advisory is available at:
- http://support.apple.com/kb/HT6441
Sep 17, 2014

- http://support.apple.com/kb/HT1222
17 Sept 2014
iOS 8 - iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
___

Safari 6.2 and 7.1
- http://support.apple.com/kb/HT6440
Sep 18, 2014

OS X Mavericks v10.9.5 and Security Update 2014-004
- http://support.apple.com/kb/HT6443
Sep 18, 2014

OS X Server v3.2.1
- http://support.apple.com/kb/HT6448
Sep 18, 2014
___

- http://atlas.arbor.n...ndex#2074331089
High Severity
Sep 26, 2014
 

:ph34r:


Edited by AplusWebMaster, 28 September 2014 - 06:39 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#158 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 25 September 2014 - 05:27 AM

FYI...

iOS 8.0.1 revoked - iPhone 6, 6+
- http://www.theinquir...tivity-touch-id
Sep 25, 2014 - "... iPhone 6 and iPhone 6 Plus users that downloaded the iOS 8.0.1 update and found that it somewhat ruined their days to roll back the update*. Apple released iOS 8.0.1 to iPhones on Wednesday, but all didn't go to plan. While speculation had suggested that the update would arrive with a slew of bug fixes, the update appears to have created more issues. Apple has accepted that some iPhone users have experienced loss of connectivity and breakage in Touch ID sign-in..."
* http://support.apple.com/kb/HT6487
Sep 25, 2014
___

- http://support.apple.com/kb/HT6487
Last Modified: Sep 26, 2014 - "iOS 8.0.2 is available now. It fixes the loss of cellular service and use of Touch ID that may have affected you if you have an iPhone 6 or iPhone 6 Plus and you downloaded iOS 8.0.1. It includes improvements and bug fixes originally in iOS 8.0.1. We apologize for inconveniencing you if you were affected by the bug in iOS 8.0.1. To resolve this issue, update your device to iOS 8.0.2* or later."
* http://support.apple.com/kb/HT4623

- https://discussions.... 8.0.2 problems
___

APPLE-SA-2014-09-23-1 OS X: Flash Player plug-in blocked
- https://lists.apple....p/msg00000.html
Sep 23, 2014
Due to security issues in older versions, Apple has updated the
web plug-in blocking mechanism to disable all versions prior to
Flash Player 15.0.0.152 and 13.0.0.244.

Information on blocked web plug-ins will be posted to:
- http://support.apple.com/kb/HT5655
Last Modified: Sep 24, 2014
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 30 September 2014 - 06:57 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#159 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 29 September 2014 - 06:17 PM

FYI...

OS X bash Updates ...
- http://support.apple.com/kb/HT6495
Sep 29, 2014 - Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: In certain configurations, a remote attacker may be able to execute arbitrary shell commands
Description: An issue existed in Bash's parsing of environment variables. This issue was addressed through improved environment variable parsing by better detecting the end of the function statement...

APPLE-SA-2014-09-29-1 OS X bash Update 1.0
- https://lists.apple....p/msg00001.html
29 Sep 2014

OS X Lion
- http://support.apple.com/kb/DL1767
Sep 29, 2014
File Size: 3.5 MB

OS X Mountain Lion
- http://support.apple.com/kb/DL1768
Sep 29, 2014
File Size: 3.3 MB

OS X Mavericks
- http://support.apple.com/kb/DL1769
Sep 29, 2014
File Size: 3.3 MB

- http://arstechnica.c...-10-8-and-10-7/
Sept 29 2014
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 30 September 2014 - 06:27 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#160 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 17 October 2014 - 05:14 AM

FYI...

iTunes 12.0.1 released
- https://support.apple.com/kb/HT6537
Last Modified: Oct 16, 2014
CVE Reference(s): CVE-2013-2871, CVE-2013-2875, CVE-2013-2909, CVE-2013-2926, CVE-2013-2927, CVE-2013-2928, CVE-2013-5195, CVE-2013-5196, CVE-2013-5197, CVE-2013-5198, CVE-2013-5199, CVE-2013-5225, CVE-2013-5228, CVE-2013-6625, CVE-2013-6635, CVE-2013-6663, CVE-2014-1268, CVE-2014-1269, CVE-2014-1270, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1323, CVE-2014-1324, CVE-2014-1325, CVE-2014-1326, CVE-2014-1327, CVE-2014-1329, CVE-2014-1330, CVE-2014-1331, CVE-2014-1333, CVE-2014-1334, CVE-2014-1335, CVE-2014-1336, CVE-2014-1337, CVE-2014-1338, CVE-2014-1339, CVE-2014-1340, CVE-2014-1341, CVE-2014-1342, CVE-2014-1343, CVE-2014-1344, CVE-2014-1362, CVE-2014-1363, CVE-2014-1364, CVE-2014-1365, CVE-2014-1366, CVE-2014-1367, CVE-2014-1368, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390, CVE-2014-1713, CVE-2014-1731, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415
___

Security Update 2014-005
- https://support.apple.com/kb/HT6531
Oct 16, 2014
> https://www.us-cert....Update-2014-005
Oct 17, 2014 - "... Security Update 2014-005 to address vulnerabilities in SSL 3.0..."
___

OS X Server v4.0
- http://support.apple.com/kb/HT6536
Oct 16, 2014

- http://www.securityt....com/id/1031071
___

OS X Yosemite v10.10
- http://support.apple.com/kb/HT6535
Oct 16, 2014

- http://www.securityt....com/id/1031063

- http://www.securityt....com/id/1031065

OS X Yosemite: List of available trusted root certificates
- http://support.apple.com/kb/HT6005
Oct 17, 2014
 

:ph34r: :ph34r: :ph34r:


Edited by AplusWebMaster, 17 October 2014 - 01:31 PM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.


#161 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 9,134 posts

Posted 20 October 2014 - 10:49 PM

FYI...

iOS 8.1 released
- https://support.apple.com/kb/HT6541
Oct 20, 2014
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

- http://www.securityt....com/id/1031077
CVE Reference: CVE-2014-4448, CVE-2014-4449, CVE-2014-4450
Oct 20 2014
Impact: Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 8.1 ...

- https://en.greatfire...unch-new-iphone
Oct 20, 2014 - "After previous attacks on Github, Google, Yahoo and Microsoft, the Chinese authorities are now staging a man-in-the-middle (MITM) attack on Apple’s iCloud... Firefox and Chrome will both prevent users from accessing iCloud.com when they are trying to access a site that is suffering from a MITM attack..."

- http://www.reuters.c...N0I92H020141021
Oct 21, 2014
___

Apple TV 7.0.1
- https://support.apple.com/kb/HT6542
Oct 20, 2014

- https://support.apple.com/kb/HT1222
 

:ph34r: :ph34r:


Edited by AplusWebMaster, 21 October 2014 - 07:43 AM.

This machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button