DarkFiber Consulting - IT Managed Services » Mac Os X

Apple Releases Security Update 2010-004 and Mac OS X v10.6.4

DarkFiber Consulting — Wed, 23 Jun 2010 18:43:57 +0000

Apple has released Security Update 2010-004 and Mac OS X v10.6.4 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with elevated privileges, conduct man-in-the-middle attacks, alter configuration settings, or conduct cross-site scripting attacks.

Note that these Apple updates include Adobe Flash Player plugin version 10.0.45.2, which contains vulnerabilities previously identified in Adobe Security Bulletin APSB10-14. The Adobe Product Security Incident Response Team (PSIRT) has published a blog entry recommending that Mac OS X users upgrade to the latest version of the Flash Player (version 10.1.53.64) after applying these Apple updates.

DarkFiber Consulting encourages users and administrators to review Apple Article HT4188 and the Adobe PSIRT blog entry and apply any necessary updates to help mitigate the risks.

Tags: Adobe Flash Player, Adobe Product, Apple Article, Apple Updates, Arbitrary Code, Attacker, Blog Entry, Configuration Settings, Cross Site Scripting, Denial Of Service, Flash Player Plugin, Flash Player Version, Incident Response Team, Mac Os X, Necessary Updates, Product Security, Psirt, Security Bulletin, Security Incident Response, Vulnerabilities

Apple Releases Safari 5.0 and Safari 4.1

DarkFiber Consulting — Wed, 23 Jun 2010 18:43:53 +0000

Apple has released Safari 5.0 and Safari 4.1 for Windows and Mac OS X to address multiple vulnerabilities in ColorSync, Safari, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks.

DarkFiber Consulting encourages users and administrators to review Apple article HT4196 and apply any necessary updates to help mitigate the risks.

Tags: Apple Article, Arbitrary Code, Attacker, Cross Site Scripting, Denial Of Service, Mac Os X, Necessary Updates, Os X, Safari, Vulnerabilities, Windows Os

Sun Releases Update 17 for Java SE 6

DarkFiber Consulting — Thu, 10 Dec 2009 18:49:50 +0000

Sun has released update 17 for Java SE JDK 6 and Java SE JRE 6 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure.

DarkFiber Consulting encourages users and administrators to review the Java SE 6 Update 17 release notes and apply any necessary updates to help mitigate the risks.

Apple has released Java for Mac OS X 10.6 Update 1 and Java for Mac OS X 10.5 Update 6 to address these vulnerabilities. Mac users are encouraged to review Apple articles HT3969 and HT3970 and apply any necessary updates to help mitigate the risks.

Tags: Apple Mac, Apple Os, Arbitrary Code Execution, Denial Of Service, Escalation, Information Disclosure, Java Jdk, Java Mac, Java Notes, Java Os, Java Sun, Java Update, Jdk 6, Mac Os X, Mac Users, Necessary Updates, Os X, Privilege, Sun Java, Sun Releases

Apple Releases Java Updates for Mac OS X 10.4 and 10.5

DarkFiber Consulting — Thu, 02 Jul 2009 21:50:54 +0000

Apple has released Java for Mac OS X 10.4 Release 9 and Java for Mac OS X 10.5 Update 4 to address multiple vulnerabilities in Java. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Apple articles HT3633 and HT3632 and apply any necessary updates to help mitigate the risks.

Tags: Address, Apple Mac, Apple Os, Apple Updates, Arbitrary Code, Attacker, Java For Mac, Java Mac, Java Os, Java Updates, Mac 10, Mac Os X, Mac Update, Necessary Updates, Os 9, Os X, Vulnerabilities

Apple Releases Safari 4.0

DarkFiber Consulting — Thu, 02 Jul 2009 21:50:51 +0000

Apple has released Safari 4.0 for Windows and Mac OS X to address multiple vulnerabilities in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

DarkFiber Consulting encourages users and administrators to review Apple article HT3613 and upgrade to Safari 4.0 to help mitigate the risks.

Tags: Apple Article, Arbitrary Code, Attacker, Denial Of Service, International Components, Mac Os X, Os X, Safari, Security Restrictions, Unicode, Vulnerabilities, Windows Installer

Apple Releases Security Updates for Multiple Vulnerabilities

DarkFiber Consulting — Mon, 15 Dec 2008 21:17:08 +0000

Apple has released Security Update 2008-008 and Mac OS X v10.5.6 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, or information disclosure.

DarkFiber Consulting encourages users to review Apple article HT3338 and apply the appropriate updates.

Tags: Address, Apple Article, Apple Updates, Arbitrary Code Execution, Denial Of Service, Escalation, Information Disclosure, Mac Os X, Os X, Privilege, Related Products, Security Updates

Apple Releases Java Updates for Mac OS X 10.4 and 10.5

DarkFiber Consulting — Fri, 26 Sep 2008 04:12:52 +0000

Apple has released updates for Java for Mac OS X 10.4 and 10.5 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users to review Apple Article HT3178 and HT3179 and apply any necessary updates to help mitigate the risks.

Tags: Address, Apple Article, Apple Mac, Apple Os, Apple Updates, Arbitrary Code, Attacker, Java For Mac, Java Mac, Java Os, Java Updates, Mac 10, Mac Os X, Necessary Updates, Os X

Apple Releases Security Updates for Multiple Vulnerabilities

DarkFiber Consulting — Wed, 17 Sep 2008 04:20:33 +0000

Apple has released Security Update 2008-006 and Mac OS X v10.5.5 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

DarkFiber Consulting encourages users to review Apple article HT3137 and apply the appropriate updates as soon as possible.

DarkFiber Consulting will provide additional details as the they become available.

Tags: Additional Details, Address, Apple Article, Apple Updates, Arbitrary Code Execution, Denial Of Service, Escalation, Information Disclosure, Mac Os X, Os X, Related Products, Security Updates, Service Privilege

Mozilla Releases Firefox 3.0.1

DarkFiber Consulting — Fri, 18 Jul 2008 19:52:47 +0000

Mozilla has released Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey. Two of these vulnerabilities were previously fixed in Firefox 2.0.0.16 as well; please see the DarkFiber Consulting Current Activity entry Mozilla Releases Firefox 2.0.0.16 for additional information.

DarkFiber Consulting encourages users to review the following Mozilla Foundation Security Advisories and upgrade to Firefox 3.0.1 or implement the workarounds provided in the documents to help mitigate the risks:

MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running
MFSA 2008-36 : Crash with malformed GIF file on Mac OS X

Tags: Address, Arbitrary Code, Attacker, Code Execution, Crash, Css Reference, Current, Denial Of Service, Gif File, Mac Os X, Mozilla Foundation Security Advisories, Mozilla Releases, Os X, Running, Seamonkey, Tabs, Thunderbird, Vulnerabilities, Workarounds