Free Republic

One week after Apple carried out its largest iOS and iPad update since September 2020's version 14.0 release, the company has followed up with a new patch for two zero-day vulnerabilities that let hackers execute malicious code on fully updated devices. Additionally, the new release of 14.5.1 also mitigates issues with a bug in the recent App Tracking Transparency feature included in the previous version. Both of these vulnerabilities are located in the browser engine Webkit, which provides web content for App Store, Mail and Safari as well as other various apps running on iOS, Linux and macOS. Apple described...

Available for: macOS High Sierra 10.13.1Not impacted: macOS Sierra 10.12.6 and earlier Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s passwordDescription: A logic error existed in the validation of credentials. This was addressed with improved credential validation.CVE-2017-13872When you install Security Update 2017-001 on your Mac, the build number of macOS will be 17B1002. Learn how to find the macOS version and build number on your Mac.If you require the root user account on your Mac, you can enable the root user and change the root user's password.

Attackers could use fake certificate to get around protections. Mozilla has disabled an "opportunistic encryption" feature added to its Firefox browser last week, in order to fix a critical security flaw that allowed attackers to bypass HTTPS protections. The company last week released Firefox 37, which came with a new feature allowing connections to be encrypted even if a server didn't support HTTPS. This so-called "opportunistic encryption" acted as a bridge between plaintext HTTP and HTTPS connections based on either transport layer security (TLS) or the older secure sockets layer protocol. It allowed website owners who are unable to fully...

Apple today released Security Update 2007-002 to fix several vulnerabilities affecting the Mac OS X Finder, iChat, and the UserNotificationCenter process. One vulnerability could cause an application to crash or result in arbitrary code execution, resuming the user is enticed into opening a specially-crafted disk image resulting in a buffer overflow in Finder's handling of volume names. Two iChat-related security concerns are fixed in the update, preventing attackers on the local network from causing iChat to crash and foiling potential attempts by malicious websites to cause applications to crash or execute arbitrary code. The UserNotificationCenter process runs with elevated privileges...

What's New in Firefox 1.5.0.2 Firefox 1.5.0.2 provides native support for Macintosh with Intel Core processors, and stability and security enhancements that are part of our ongoing program to provide a safer Internet experience for our users. We recommend that all Firefox users upgrade to this latest version. Here's what's new in Firefox 1.5.0.2: Universal Binary support for Mac OS X which provides native support for Macintosh with Intel Core processors. Firefox supports the enhancements to performance introduced by the new MacIntel chipsets. Improvements to product stability. Several security fixes. The Burning Edge has more detailed lists of notable bug...

Apple on Monday released a security update for Intel and PowerPC-based machines running Mac OS X. The update addresses a number of issues with apache_mod_php, CoreTypes, LaunchServices, Mail, Safari and rsync, according to notes from Apple. This update also includes the previous Security Update, which fixed security issues with apache_mod_php, Automount, Bom, Directory Services, iChat, IPSec, LaunchServices, LibSystem, Loginwindow, Mail, Rsync, Safari Syndication. The update can be downloaded from AppleÂ’s Web site or via the Software Update mechanism in Mac OS X.

Apple on Tuesday released Security Update 2005-009, which addresses issues with both Mac OS X and Mac OS X Server. Among the components affected in this release are apache_mod_ssl; CoreFoundation; CoreTypes; curl; iodbcadmin; OpenSSL; Safari;sudo; and syslog. The biggest changes for Mac OS X users are with the company’s Web browser software, Safari. In total, four separate issues have been fixed in this release. The first issue fixes a problem that affects Safari’s download directory, which is normally specified by the user. However, if a web site suggests an overlong filename for a download, it is possible for Safari to...

Microsoft Pulls Update for WindowsWed May 28, 2003 12:08 AM ETSEATTLE (Reuters) - Microsoft Corp. said on Tuesday it has withdrawn a security update for its Windows XP software after discovering that it switched off Internet connections for some of the 600,000 users who downloaded and installed it. The update, a small software addition that is used to fix and add features to existing software programs, was originally aimed at improving the security of Internet connections. But after releasing the update on May 21, Microsoft discovered it was incompatible with other security firewall software used to protect home computers from...