Patch/Configuration Management, Vulnerability Management

Apple updates address flaws in Mavericks, Safari, iOS, and Apple TV

Apple's OS X Mavericks 10.9.4 and Security Update 2014-003 addresses various vulnerabilities, some of which can enable attackers to execute arbitrary code, hijack another user's session, steal credentials, and type into windows under the lock screen, according to an Apple notification.

The OS X Mavericks update includes the Safari 6.1.5 and 7.0.5 updates, which address flaws that can enable arbitrary code execution, unexpected application termination, and disclosure of local file content, according to the notification.

Some of the vulnerabilities addressed iOS 7.1.2 could enable an attacker to bypass the activation lock, exceed the maximum number of failed passcode attempts, disable "Find My iPhone" without entering an iCloud password, and execute arbitrary code.

The Apple TV 6.2 update fixes arbitrary code execution bugs and a vulnerability that could enable an iTunes transaction to be completed without sufficient authorization.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.