From 79fafe2f44f5e31522dd93013950474342bfdfb0 Mon Sep 17 00:00:00 2001 From: luxagraf Date: Sat, 4 May 2019 15:48:55 -0500 Subject: archived all the stuff from freelancing for wired --- .../Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 old/published/Webmonkey/Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt (limited to 'old/published/Webmonkey/Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt') diff --git a/old/published/Webmonkey/Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt b/old/published/Webmonkey/Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt new file mode 100644 index 0000000..f774adc --- /dev/null +++ b/old/published/Webmonkey/Monkey_Bites/2007/07.30.07/Wed/osxupdate.txt @@ -0,0 +1,16 @@ +The iPhone wasn't the only Apple updated yesterday, the company also [released a security update for OS X][1] which addresses no less than a dozen issues and there's a new version of the Safari 3 beta which fixes the same issues [mentioned in the earlier iPhone update][2]. + +Security Update 2007-007 fixes a number of known vulnerabilities in a variety of OS X components including Core Audio, WebKit, WebCore, bzip2, CFNetwork, Core Audio, cscope, gnuzip, Kerberos, mDNSResponder, PDFKit, PHP, Quartz Composer and samba. + +While a few of those are actual Apple software, the majority are open source tools used by OS X, which is something Apple has not been good about updating. For instance some the PHP issues addressed have been public since March and the Samba flaw has been known since May. + +The WebCore WebKit and updated Safari 3 beta all fix the same [vulnerabilities that affected the iPhone][2]. + +Perhaps the most serious of these patches is the fix for mDNSResponder, which, if left unpatched, can lead to attackers executing arbitrary code via a buffer overflow vulnerability. + +Security Update 2007-007 is available via Software Update or [from the Apple site][4]. The [Safari 3 beta update][3] is also available through Software Update or it can be downloaded [here][4]. + +[1]: http://docs.info.apple.com/article.html?artnum=306172 +[2]: http://blog.wired.com/monkeybites/2007/08/apple-pushes-ou.html +[3]: http://docs.info.apple.com/article.html?artnum=306174 +[4]: http://www.apple.com/support/downloads/ \ No newline at end of file -- cgit v1.2.3-70-g09d2