If you follow my weekly security video, WatchGuard Security Week in Review, you probably already know that Apple released both an OS X and Safari security update last week. Hopefully, you’ve already applied those two updates, but if not I highly recommend you do so immediately. Among other things, the OS X update includes a Java related security fix. Lately, cyber criminals have really targeted Java in attacks against both Macs and PCs, so it’s important you apply all Java related updates as quickly as you can.
This week, Apple also released iOS and Apple TV security updates. These updates fix a number of security issues in these popular products. High on the list of fixed issues was a very highly publicized lock screen bypass flaw in iOS, which an attacker could exploit to gain access to the data on your phone when lost or stolen. iOS 6.1.3 fixes that particular lock screen issues, and a few other vulnerabilities. However, later in the week news emerged of another lockscreen flaw that affects iPhone 4s. So it looks like Apple will have some more lock screen related updates in their future.
In any case, if you use Apple devices, you’re probably affected by at least one of these issues. So I recommend you go get the corresponding updates, or let Apple’s automatic update mechanisms do their job. — Corey Nachreiner, CISSP (@SecAdept)
A good reminder to give those Apple users who stubbornly insist that their OS is more secure, so they don’t need to worry. While Apple has been remarkably virus free for years, traditional viruses are not the only vulnerability. Just as important is the reminder to IT staff that often wish otherwise that we live in a heterogeneous world, and need to pay attention to more than Windows and Cisco updates.
A good reminder to give those Apple users who stubbornly insist that their OS is more secure, so they don’t need to worry. While Apple has been remarkably virus free for years, traditional viruses are not the only vulnerability. Just as important is the reminder to IT staff that often wish otherwise that we live in a heterogeneous world, and need to pay attention to more than Windows and Cisco updates.