Skip to main content

APPLE WORLD


http://amzn.to/2H9uU2M
Apple has released a massive set of security fixes to address vulnerabilities in OS X, iOS, Safari, and Apple TV. The update for OS X is largest of all the patches and addresses 80 unique vulnerabilities. The OS X Yosemite v10.10.3 update is available for OS X Yosemite v10.10 to v10.10.2, while Security Update 2015-004 is available for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5.
Of particular interest is a fix to several CVEs raised by Ian Beer of Google Project Zero. Multiple input validation issues existed in fontd, and as a result a local user may be able to execute arbitrary code with system privileges.

Apple also fixed a use-after-free issue that existed in CoreAnimation, an input validation issue that existed within OS X’s URL processing, and a memory corruption issue that existed in WebKit. Because of these, visiting a maliciously crafted website could have led to arbitrary code execution.
Other “arbitrary code execution” vulnerabilities fixed by Apple include:
  • Multiple memory corruption issues that existed in the processing of font files (CVE-2015-1093 : Marc Schoenefeld).
  • A memory corruption issue that existed in the handling of .sgi files.
  • A memory corruption issue that existed in an IOHIDFamily API (CVE-2015-1095 : Andrew Church).
  • A memory corruption issue that existed in the handling of iWork files (CVE-2015-1098 : Christopher Hickstein).
  • A heap buffer overflow existed in SceneKit’s handling of Collada files (CVE-2014-8830 : Jose Duart of Google Security Team).
Apple also update the bundled version of Apache in OS X. Multiple vulnerabilities existed in Apache versions prior to 2.4.10 and 2.2.29, including one that may allow a remote attacker to execute arbitrary code. These issues were addressed by updating Apache to versions 2.4.10 and 2.2.29.
Likewise it also updated the bundled version of PHP. Multiple vulnerabilities existed in PHP versions prior to 5.3.29, 5.4.38, and 5.5.20, including one which may have led to arbitrary code execution. This update addresses the issues by updating PHP to versions 5.3.29, 5.4.38, and 5.5.20.
The update for iOS addresses 58 separate CVE entries, while Apple TV 7.2 fixes 38 unique CVEs. The fixes for Safari updates the browser to Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 respectively. In total the Safari update addresses 10 different CVEs

Comments

Post a Comment

Popular posts from this blog

Admission! Admission! Admission!

       Join Our ICT College and Shape Your Tech Future! Are you ready to embark on an exciting journey into the world of technology, innovation, and limitless possibilities? Look no further! Softlink Computer Institute is thrilled to announce the admission process for the upcoming academic year. Why Choose Softlink Computer Institute? Cutting-Edge Programs: At Softlink Computer Institute, we offer a wide range of ICT programs designed to equip you with the skills and knowledge needed in today's tech-driven world. From Software Engineering to Cybersecurity, we have the programs that match your aspirations. Experienced Faculty: Learn from industry experts who bring real-world experience into the classroom. Our faculty is dedicated to your success and will guide you through every step of your academic journey. State-of-the-Art Facilities: Explore our modern, well-equipped labs and libraries. Access the latest software, hardware, and resources to support ...
1 comment
Read more

How to dress in Short and Sweet Jackets

  Short and sweet jackets are versatile and stylish additions to your wardrobe, and they can be dressed up or down depending on the occasion. Here are some tips on how to dress in short and sweet jackets: Choose the Right Fit: Fahsion Lady Ensure that the jacket fits you well. It should not be too tight or too loose. The shoulders should align with your natural shoulder line, and the length should end at your waist or slightly below. Select a Complementary Outfit: For a Chic Look: Pair your short and sweet jacket with a fitted blouse or a classic button-down shirt. Add skinny jeans or tailored trousers to complete the chic ensemble. Casual Style: Dress down the jacket by wearing it over a simple T-shirt and your favorite pair of jeans. This combination is perfect for a casual day out. Dressy Occasions: Short and sweet jackets can also be dressed up for formal or semi-formal events. Layer them over a sleek dress or a tailored skirt and blouse combo. Consider the Fabri...
Post a Comment
Read more

The Role of Web Developers in Cybersecurity

  Introduction: In an increasingly interconnected world, the role of web developers has expanded beyond creating visually appealing and functional websites. They are now integral to cybersecurity efforts, as the internet becomes a prime battleground for cyber threats. In this article, we'll explore the evolving role of web developers in cybersecurity and the measures they take to safeguard the digital world. Understanding Cybersecurity Threats Cyber threats, including hacking, data breaches, and malware attacks, are growing in complexity and frequency. Web developers must understand these threats and proactively work to mitigate vulnerabilities in their web applications. Secure Coding Practices Web developers are responsible for writing secure code. They must follow best practices for input validation, authentication, and authorization to prevent common vulnerabilities like SQL injection and cross-site scripting (XSS) attacks. Web Application Firewalls (WAFs) Web Appl...
1 comment
Read more