Saturday, 15 August 2015

Apple Patches 232 Vulnerabilities In Mac OS X, iOS, Safari And Server


Apple yesterday evening updates for Mac OS X, iOS, Safari and OS X Server released that fix 232 leaks together. Through the vulnerabilities could allow an attacker in the worst case code on the respective platforms. Most of the vulnerabilities patched in Mac OS X.

OS X Security Update 2015-006 and Yosemite v10.10.5 fix 133 leaks, including a zero-day vulnerability that was used by an adware installer. Through the vulnerabilities could a malicious app to change the password of a local user, the malicious Wi-Fi networks was possible to identify previously used Wi-Fi networks and could run a local user code with system privileges. Also, there are many vulnerabilities patched that allowed the execution of arbitrary code, for example through processing of malicious fonts. The updates can be downloaded via the Mac App Store or Apple's Software Downloads.

For owners of an iPad, iPod Touch or iPhone iOS 8.4.1 released. This version fixes 71 vulnerabilities. Again, an attacker through malicious fonts, office files and video files, execute arbitrary code. Furthermore, it was possible for malicious websites to spoof the user interface. These malicious websites could open another website and ask the user for input without the user to see which website the request was submitted. The update can be downloaded via iTunes and the Software Update feature on the device.

Via Safari 8.0.8, Safari 7.1.8 and Safari 6.2.8 includes 27 vulnerabilities in the past. Through the leak could allow an attacker code on the system if the user visited a malicious Web site. Also, the leaking of cookies remedied and it is no longer possible to trace the history of private browsing sessions. The new versions can be downloaded via the Mac App Store. Last but OS X Server 4.1.5 appeared that fixes one vulnerability that an attacker can cause a denial of service.

No comments:

Post a Comment