Apple security updates

ronjor · Sep 18, 2014

This document outlines security updates for Apple products.

Xcode 6.0.1 OS X Mavericks v10.9.4 or later 17 Sept 2014

Apple TV 7 Apple TV 3rd generation and later 17 Sept 2014

iOS 8 iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later 17 Sept 2014
Click to expand...

http://support.apple.com/kb/HT1222

siljaline · Sep 19, 2014

About the security content of iOS 8 | This document describes the security content of iOS 8.
http://support.apple.com/kb/HT6441

siljaline · Sep 21, 2014

Siri Lets Anyone Bypass Your iPhone's Lockscreen -- Feature or Bug?
http://www.forbes.com/sites/kashmir...ypass-your-iphones-lockscreen-feature-or-bug/

siljaline · Sep 23, 2014

Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack

Apple’s shiny new iPhone 6 can be spoofed with the same fake fingerprints that tricked its older sibling, the iPhone 5S.
That's according to mobile security firm Lookout, which said it discovered that it is possible to create a fake fingerprint that's capable of fooling the TouchID fingerprint sensor of the latest iPhones (6 and 6 Plus are apparently equally vulnerable).
Click to expand...

http://www.theregister.co.uk/2014/09/23/iphone_6_still_vulnerable_to_touchid_fingerprint_hack/

siljaline · Sep 25, 2014

Loss of cellular service or ability to use Touch ID after updating to iOS 8.0.1 on iPhone 6 or iPhone 6 Plus
• This is a proposed Apple workaround and not a fix •
http://support.apple.com/kb/HT6487

siljaline · Sep 26, 2014

iPhone owners rip Apple over botched iOS update

iPhone owners are angry. Really really angry.
"In my 25 years of using Apple products I have never experienced such a complete lack of attention to detail from them," said someone identified only as Dillinger in one of several hundred messages on an Apple support discussion thread. [...]
Click to expand...

http://www.networkworld.com/article...owners-rip-apple-over-botched-ios-update.html

ronjor · Sep 29, 2014

Apple patches “Shellshock” Bash bug in OS X 10.9, 10.8, and 10.7
Fixes Bash bug discovered last week that's already been seen in the wild.

by Andrew Cunningham - Sept 29 2014, 6:00pm CST
Click to expand...

http://arstechnica.com/apple/2014/09/apple-patches-shellshock-bash-bug-in-os-x-10-9-10-8-and-10-7/

ronjor · Oct 6, 2014

Apple updates XProtect to kill iWorm botnet threat
Posted on 06.10.2014

Zeijka Zorz

Apple has released an update for its XProtect anti-malware system which makes it detect three different version of the iWorm OS backdoor malware discovered last week by AV specialists from Dr. Web.
Click to expand...

http://www.net-security.org/malware_news.php?id=2878

ronjor · Oct 18, 2014

Obtaining OS X

Information about obtaining OS X (client) can be found here. Information about obtaining OS X Server can be found here.
Click to expand...

http://support.apple.com/kb/HT1222

ronjor · Oct 18, 2014

OS X Yosemite: List of available trusted root certificates
Click to expand...

http://support.apple.com/kb/HT6005

ronjor · Oct 20, 2014

Apple security updates 20 Oct 2014

This document outlines security updates for Apple products.

Apple TV 3rd generation and later 20 Oct 2014
iOS 8.1 iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later 20 Oct 2014
iTunes 12.0.1 Windows 8, Windows 7, Vista, XP SP2 or later 16 Oct 2014
OS X Server v2.2.5 OS X Mountain Lion v10.8.5 16 Oct 2014
OS X Server v3.2.2 OS X Mavericks v10.9.5 or later 16 Oct 2014
OS X Server v4.0 OS X Yosemite v10.10 16 Oct 2014
Security Update 2014-005 OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 16 Oct 2014
OS X Yosemite v10.10 Mac OS X v10.6.8 and later 16 Oct 2014
Click to expand...

https://support.apple.com/kb/HT1222

ronjor · Nov 18, 2014

Apple TV 7.0.2 17 Nov 2014
OS X Yosemite v10.10.1 17 Nov 2014
iOS 8.1.1 17 Nov 2014
Click to expand...

http://support.apple.com/en-us/HT1222

ronjor · Dec 23, 2014

by Michael Mimoso

Apple last night for the first time pushed an automated patch to Mac OS X users, taking care of critical Network Time Protocol (NTP) vulnerabilities.
Click to expand...

http://threatpost.com/apple-patches-ntp-vulnerabilities-in-first-automated-patch/110090

siljaline · Dec 24, 2014

The Apple support link - in case anyone missed it.
http://support.apple.com/en-us/HT6601

Also from Reuters -
Apple pushes first ever automated security update to Mac users
http://www.reuters.com/article/2014/12/23/us-apple-cybersecurity-idUSKBN0K108W20141223

ronjor · Jan 28, 2015

New OS X Yosemite version fixes critical security issues, including Thunderstrike
Posted on 28 January 2015.

Apple has released the latest version of OS X Yosemite (v10.10.2) and the first security update (2015-001) for this year, and among the problems fixed is one affecting the CPU software, allowing malicious Thunderbolt devices to modify the host firmware if connected during an EFI update.
Click to expand...

http://www.net-security.org/secworld.php?id=17884

About the OS X Yosemite v10.10.2 Update

siljaline · Jan 28, 2015

About the security content of OS X Yosemite v10.10.2 and Security Update 2015-001
http://support.apple.com/en-us/HT204244

ronjor · Mar 18, 2015

By Eduard Kovacs on March 18, 2015

Apple announced on Tuesday that is has addressed multiple security holes with the release of Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4.
Click to expand...

http://www.securityweek.com/apple-fixes-webkit-vulnerabilities-release-safari-804

ronjor · Apr 8, 2015

Apple security updates 08 Apr 2015

This document describes recent updates and releases.
Click to expand...

https://support.apple.com/en-us/HT201222

mirimir · Apr 9, 2015

The Admin framework in Apple OS X contains a hidden backdoor API to root privileges. It’s been there for several years (at least since 2011), I found it in October 2014 and it can be exploited to escalate privileges to root from any user account in the system.

The intention was probably to serve the “System Preferences” app and systemsetup (command-line tool), but any user process can use the same functionality.

Apple has now released OS X 10.10.3 where the issue is resolved. OS X 10.9.x and older remain vulnerable, since Apple decided not to patch these versions. We recommend that all users upgrade to 10.10.3.
Click to expand...

https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/

ronjor · Apr 17, 2015

Yosemite 10.10.3 breaks some applications and HTTPS sites

By Martin Heller

On the other hand, users and software developers alike expect minor version upgrades to fix bugs and introduce only new features that don't break stuff. But that's not the case with Yosemite 10.10.3, which broke a number of HTTPS websites, Web services, and applications that download content from those sites and services.
Click to expand...

http://www.infoworld.com/article/29...breaks-some-applications-and-https-sites.html

ronjor · Apr 21, 2015

Failed Apple Rootpipe Fix Leaves Backdoor On All Macs, Researchers Claim

4/19/2015 Thomas Fox-Brewster
Forbes Staff

Patrick Wardle, a former NSA staffer who now heads up research at security firm Synack, said he was on a flight when he discovered he was still able to exploit the Rootpipe vulnerability, which essentially opened up a path to the highest privilege level, known as root access.
Click to expand...

http://www.forbes.com/sites/thomasbrewster/2015/04/19/apple-fails-to-patch-rootpipe/

ronjor · Jul 1, 2015

Apple releases tons of security updates for recent flaws and exploits

Glenn Fleishman (Macworld.com) on 01 July, 2015 10:53

You can find the full list of security issues on pages for iOS 8.4 and OS X 10.10.4, which also includes items in Security Update 2015-005 for older OS X releases.
Click to expand...

http://www.cso.com.au/article/578734/apple-releases-tons-security-updates-recent-flaws-exploits/

https://support.apple.com/en-us/HT204941

https://support.apple.com/en-us/HT204942

ronjor · Jul 11, 2015

Adobe Flash Player updates address a recently identified Adobe Flash Player web plug-in vulnerability.
Click to expand...

https://support.apple.com/en-us/HT202681

ronjor · Aug 13, 2015

This document outlines security updates for Apple products.

For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

This document describes recent updates and releases.
Click to expand...

https://support.apple.com/en-us/HT201222

ronjor · Aug 23, 2015

QuickTime 7.7.8
QuickTime
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.
Click to expand...

https://support.apple.com/en-us/HT205046

Log in or Sign up

Apple security updates

ronjor Global Moderator

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

siljaline Registered Member

ronjor Global Moderator

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

mirimir Registered Member

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ISC Releases Security Updates for BIND 22 Feb 2019

NIST Risk Management Framework 2.0 Updates Cyber-Security Policy

WebKit Vulnerability Affects Latest Versions of Apple Safari

For Apple users without latest security updates, the letter 'd' is not always the letter 'd'

Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities

Log in or Sign up

Apple security updates

ronjor Global Moderator

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

siljaline Registered Member

ronjor Global Moderator

siljaline Registered Member

ronjor Global Moderator

ronjor Global Moderator

mirimir Registered Member

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ronjor Global Moderator

ISC Releases Security Updates for BIND 22 Feb 2019

NIST Risk Management Framework 2.0 Updates Cyber-Security Policy

WebKit Vulnerability Affects Latest Versions of Apple Safari

For Apple users without latest security updates, the letter 'd' is not always the letter 'd'

Security Update for Foxit PDF Reader Fixes 118 Vulnerabilities

Useful Searches