Apple Security Advisory 2019-5-13-1 - iOS 12.3 is now available and addresses code execution vulnerabilities.
98f82c82387cbb5aa2121b69ad0c432e451a68e7b837a9bf0e4be86762e4853d
Apple Security Advisory 2012-09-19-2 - OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address Apache, BIND, CoreText, Data Security, and many other vulnerabilities.
40b0db811b217e85fb6806b53d13edb126d8f6537576e1fb80a6d9e6c2266a62
Apple Security Advisory 2012-09-19-1 - iOS 6 is now available and addresses CFNetwork, CoreGraphics, CoreMedia, DHCP, and many other vulnerabilities.
948802ec7f4f098a6e019e724692dd60eae2f16a84688f9bf9597fcc368ca8d8
Apple Security Advisory 2012-09-17-1 - Apple Remote Desktop 3.5.3 is now available and addresses an information disclosure vulnerability.
15417159543689958e35449fe891ef88e1551b36f07a6054a729946d40ac107f
Apple Security Advisory 2012-09-12-1 - iTunes 10.7 is now available and addresses multiple memory corruption issues in webkit.
8f27ac75b6ce51b0fdc6c2b6f2d18541eb8e57e34aa68e9dc16e36ea16418c79
Apple Security Advisory 2012-09-05-1 - An opportunity for security-in-depth hardening is addressed by updating to Java version 1.6.0_35.
40683407869977f11f2178ecba0709810a82b7f712437df50ec3b2b0fe8ed802
Apple Security Advisory 2012-08-20-1 - Apple Remote Desktop 3.6.1 is now available and addresses a failed encrypted connection that may result in an information disclosure vulnerability.
f27f103fee4eeb50dc396bf4a3750d2154a0a596681618a2c6f7ad7d0c9defb8
Apple Security Advisory 2012-07-25-2 - Xcode 4.4 is now available and addresses SSL and keychain access vulnerabilities.
c2cc026f3b7923d4cf0e195439b0177e2a4b32fdb0a5e1cf52d8081dc25b788d
Apple Security Advisory 2012-07-25-1 - A cross-site scripting issue existed in the handling of feed:// URLs in Safari. An autocomplete flaw was also fixed in Safari. Various other Safari issues have also been addressed. Webkit had code execution, cross origin, access control, and various other vulnerability issues addressed.
8732227d6e75dc119efc7310ee76893499230d392a70d317817005bf2619e391
Apple Security Advisory 2012-06-12-1 - Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_33.
1b40d3aff1934dfdc23e7f4aff638d279d1e97e8c8cb357fe3e86a5e98d2e1b3
Apple Security Advisory 2012-06-11-1 - iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit.
644c91fc8758a15b827d4bc4a159391a534dc99616a262e6926d0a05f89dab42
Apple Security Advisory 2012-05-15-1 - QuickTime 7.7.2 is now available and addresses multiple security issues. Multiple stack overflows existed in QuickTime's handling of TeXML files. A heap overflow existed in QuickTime's handling of text tracks. A heap buffer overflow existed in the handling of H.264 encoded movie files. An uninitialized memory access issue existed in the handling of MP4 encoded files. For OS X Lion systems, this issue is addressed in OS X Lion v10.7.3. For Mac OS X v10.6 systems, this issue is addressed in Security Update 2012-001. Various other issues were also addressed.
57c27e1b2292d0b0350bc4e9a6a61eb501064eaa248f2cdb7fc88e7fb35ed920
Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.
a18bf4afd49f0790a7800f00c7179cc923a3890a42c7c396c63645d35c123d0d
Apple Security Advisory 2012-05-14-1 - This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found.
ff2f94e0d38ea69f36970a1ad604758214b956d4b4c5ef71810c7ef1ed9fd7ef
Apple Security Advisory 2012-05-09-2 - Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
06f17e6022a0d68a1399445ed89c60edec39d3f5c907f4a43cbd9bf508aaa69c
Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.
8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
Apple Security Advisory 2012-05-07-1 - A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
786fe23968a3f5aa19c1879e551587fcf15f839f12791813e11922d9793808ec
Apple Security Advisory 2012-04-13-1 - This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found. This update is available for OS X Lion systems that do not have Java installed.
bd22d552b5690a6807fe6409d749b643aff68c006e6425cebeeaef89b0278536
Apple Security Advisory 2012-04-12-1 - Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 is now available. As a security hardening measure, the Java browser plugin and Java Web Start are deactivated if they are unused for 35 days. Installing this update will automatically deactivate the Java browser plugin and Java Web Start. Users may re-enable Java if they encounter Java applets on a web page or Java Web Start applications.
2f2b314e398333a3e601f5345e342e8e86e10daced4ff3b39b3cdf6e5b210dc5
Apple Security Advisory 2012-04-03-1 - Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 is now available. It addresses multiple vulnerabilities that exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.
9b2491e0649107046854a66362922281cb8a88f0446d805f1131dd3c839681ab
Apple Security Advisory 2012-03-12-1 - Safari version 5.1.4 is now available and addresses 84 different vulnerabilities. This includes many fixes for WebKit related issues.
bc365007227c4580123163b3c91e0db846e682785546cac5b750dbdacd9d0a55
Apple Security Advisory 2012-03-07-2 - iOS 5.1 Software Update is now available and addresses 81 vulnerabilities.
34048d7da394cc219fa8dc48de70abf8244a6ae7d398882cbeb4a40175ac988e
Apple Security Advisory 2012-03-07-1 - iTunes 10.6 is now available and addresses 72 vulnerabilities.
3188c99eb432c19008d932579fbe9d68dd7d9d636d0c2b977023272db310e3b0
Apple Security Advisory 2012-03-07-3 - Apple TV 5.0 is now available and addresses a libresolv library vulnerability that could lead to an unexpected application termination or arbitrary code execution.
5a20d220069b8b4bc6d93448ab5d6cee20b30c6f48fcc5688f31614fcba81528
Apple Security Advisory 2012-02-01-1 - Apple has addressed 48 security vulnerabilities. These issues existed in packages such as Address Book, Apache, CFNetwork, ColorSync, CoreAudio, CoreMedia, CoreText, curl and much more.
cf25033e1c0f7c890c4bb4bf4deec5fe01b2162ac354bd512e0fcd1426499d94
Apple Security Advisory 2011-11-14-1 - iTunes 10.5.1 is now available and addresses a man-in-the-middle vulnerability. iTunes periodically checks for software updates using an HTTP request to Apple. This request may cause iTunes to indicate that an update is available. If Apple Software Update for Windows is not installed, clicking the Download iTunes button may open the URL from the HTTP response in the user's default browser. This issue has been mitigated by using a secured connection when checking for available updates. For OS X systems, the user's default browser is not used because Apple Software Update is included with OS X, however this change adds additional defense-in-depth.
0402f9695cc05ee28bbb705980abebd65df936264f8a42a2af20c358298c21ff