Apple fixes iBook iAuthor flaw

Apple credited Behrouz Sadeghipour and Patrik Fehrenbach for finding the flaw.
Apple credited Behrouz Sadeghipour and Patrik Fehrenbach for finding the flaw.

Apple released an update for OS X Yosemite v10.10 or later to patch a vulnerability (CVE-2016-1789) that could lead to disclosure of user information.

The fix, posted by Apple on March 1, said an XML external entity reference issue existed with iBook iAuthor parsing and it was fixed by improving the software's parsing ability.

Apple credited Behrouz Sadeghipour and Patrik Fehrenbach for finding the flaw.

This patch comes shortly after the company issued a lengthy update for several of its operating systems on March 22 and on March 29 Apple had to re-release its latest mobile offering, iOS 9.3 to fix an issue that caused the device to lock up on some older devices.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS