Apple Security Updates

Apple released a massive security update (2011-006) on October 13 to address more than 70 vulnerabilities in the following operating systems:

  • Mac OS X 10.6.8
  • Mac OS X Server 10.6.8
  • Mac OS X 10.7, 10.7.1
  • Mac OS X Server 10.7, 10.7.1

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Two security issues were patched in the Mac OS X kernel, one in CoreStorage, two in CoreMedia, while others were in CoreProcesses, CoreFoundation, CFNetwork, and even the application firewall.

According to an article on installation errors have occurred with this update in some instances:

“Apple OS X Security Update makes MacBook kernel panic at boot,” warned security researcher Dragos Ruiu on Twitter. He later confirmed that other users have experienced similar problems, particularly on systems with Lion/Snow Leopard dual-boot configurations. “If you have two or more OS partitions on [MacBook Pro] it breaks,” the security expert said.

Graham Cluley, a senior technology consultant at Mac OS antivirus provider Sophos, couldn’t confirm the Mac OS X boot issues, but advised users to postpone updating if they believe they might be affected.

“My advice would be to contact Apple technical support – and see if they have a resolution for the problem. If you suspect you may be impacted by the issue it may be wise to hold off installing the security update until Apple has confirmed if it has fixed it,” Cluley said.

Apple also released updates for Safari (version 5.1.1), Mac OS X 10.7.2 to fix security issues and introduce iCloud, and iOS (version 5) to fix nearly 100 security flaws.



About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: