If your office gets quiet around the week leading up to Christmas and New Years, as many seem to, you may have missed a few interesting security stories during this lull. Let me catch you up in one fell swoop. Below, I quickly highlight a menagerie of interesting security stories, which you may have missed over the past two weeks: Unpatched Vulnerability in Windows … [Read more...]
Apple Releases a Pile of Security Updates in October
If you use Apple products, you'll be busy updating this month. Today, Apple released a bunch of security advisories (on their Security Update page), informing customers of updates for many of their products. Here's a list of security advisories for all the updated products: OS X Lion v10.7.2 and Security Update 2011-006 iTunes 10.5 Safari 5.1.1 iOS 5 Software … [Read more...]
Apple Releases OS X, Safari, and iOS Security Updates
Yesterday, Apple released a handful of security advisories for various products, including: OS X 10.6.x (Snow Leopard) Safari 5.0.5 for Mac and Windows iOS 4.3.2 iOS 4.2.7 (for CDMA iPhones) The Snow Leopard update only fixes one security issue. If you read my "Fraudulent Certificate" post from a few weeks ago, you know that attackers were able to get their grubby hands … [Read more...]
2011's First OS X Update Patches 57 Vulnerabilities
Summary: These vulnerabilities affect: All current versions of OS X 10.5.x (Leopard) and OS X 10.6.x (Snow Leopard) How an attacker exploits them: Multiple vectors of attack, including enticing your users to visit a malicious web site, or into downloading and viewing various documents or images Impact: Various results; in the worst case, an attacker executes code on your … [Read more...]