Technical Cyber Security Alert 2011-286A - There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and 10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has released updates to address these vulnerabilities.
f8e5be39396a195dc1dc30012aa1575c33052ce127689291b4cd47f6df51bf61
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA11-286A
Apple Updates for Multiple Vulnerabilities
Original release date: October 13, 2011
Last revised: --
Source: US-CERT
Systems Affected
* Mac OS X 10.6.8
* Mac OS X Server 10.6.8
* Mac OS X 10.7, 10.7.1
* Mac OS X Server 10.7, 10.7.1
Overview
There are multiple vulnerabilities in Mac OS X 10.6.8, 10.7, and
10.7.1 and Mac OS X Server 10.6.8, 10.7, and 10.7.1. Apple has
released updates to address these vulnerabilities.
I. Description
The Apple Security Advisory for OS X Lion v10.7.2 and Security
Update 2011-006 describes multiple vulnerabilities in Mac OS X and
Mac OS X Server. Apple has released updates to address these
vulnerabilities.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code,
cause a denial of service, or gain unauthorized access to your
files or system.
III. Solution
Apple has provided updates for these vulnerabilities in the Apple
Security Advisory for OS X Lion v10.7.2 and Security Update
2011-006. This advisory describes any known issues related to the
updates and the specific impacts for each vulnerability.
Administrators are encouraged to note these issues and impacts and
test for any potentially adverse effects before wide-scale
deployment.
IV. References
* OS X Lion v10.7.2 and Security Update 2011-006 -
<http://support.apple.com/kb/HT5002>
* Mac OS X: Updating your software -
<http://support.apple.com/kb/HT1338>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA11-286A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA11-286A Feedback VU#421739" in
the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2011 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
October 13, 2011: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iQEVAwUBTpb8zj/GkGVXE7GMAQI21Af/SHWzIangqPW9vtuG/MQWSBMy9nG4wIZS
DUEAWBEMPTKF3fLrIy6TVpRLN3q/q4dCYXzM4lec4IzKvEbV/bUyg15xEfYdxB0v
s/vARGNwf7tjSbjo+PaHLuSZ1HLn/GLO3CXaf+ut/Kb8y9Fsir5klMgrCX/N0JkY
dLoV9R6zGs1aQzmF9ULB1IQ2/lUkg6CGnyARh0prfhRFwKfu7NZXb8yz5ex68q6V
NF6j9l+XK0Cl4K7R+0ESD4e47jLCg6iN175O8VzrlxiRvBRAyTaFycdMB4uSkmii
xu8SqU2QFhsIJy8J+i1Bb6kuWkaxAnUbxO4tRrmXoqTXl9m0CtpnWA==
=3Wp2
-----END PGP SIGNATURE-----