240 replies to this topic

[AplusWebMaster]

FYI...

Apple iOS 4 update available
- http://secunia.com/advisories/40257/
Release Date: 2010-06-22
Criticality level: Highly critical
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, DoS, System access
Where: From remote ...
Operating System: Apple iPhone OS (iOS) 3.x, Apple iPhone OS (iOS) for iPod touch 3.x ...
CVE Reference(s): CVE-2009-0689, CVE-2009-1723, CVE-2009-2195, CVE-2009-2816, CVE-2010-0041, CVE-2010-0042, CVE-2010-0043, CVE-2010-0046, CVE-2010-0047, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0544, CVE-2010-1119, CVE-2010-1384, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1751, CVE-2010-1752, CVE-2010-1753, CVE-2010-1754, CVE-2010-1755, CVE-2010-1756, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1762, CVE-2010-1769, CVE-2010-1774, CVE-2010-1775
Solution: Upgrade to iOS 4 (downloadable and installable via iTunes).
Original Advisory: Apple:
http://support.apple.com/kb/HT4225

- http://securitytrack...un/1024135.html
Jun 22 2010

- http://support.apple.com/downloads/
iOS 4 Software Update
This update contains over 100 new features.
June 21, 2010 - iPod Touch 2nd Gen (330.3 MB) iPod Touch 3rd Gen (384.2 MB) iPhone 3G (306.3 MB) iPhone 3GS (396.3 MB)

- http://support.apple.com/kb/DL1058

iOS 4 update fixes 65 vulnerabilities
- http://www.h-online....es-1027039.html
22 June 2010

Edited by AplusWebMaster, 23 June 2010 - 05:22 AM.

[AplusWebMaster]

FYI...

iTunes v9.2.1 released
- http://secunia.com/advisories/40660/
Release Date: 2010-07-20
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
...The vulnerability is reported in versions prior to 9.2.1.
Solution: Update to version 9.2.1.
Original Advisory: Apple:
http://support.apple.com/kb/HT4263

- http://securitytrack...ul/1024220.html

- http://support.apple.com/downloads/

[AplusWebMaster]

FYI...

Safari v5.0.1 released
- http://support.apple.com/kb/DL1070
July 28, 2010 - "... New in this update:
• Customize Safari with features created by third-party developers Find extensions in the Safari Extensions Gallery, accessible from the Safari menu and http://extensions.apple.com/
• This update also contains improvements to stability, accessibility and security..."
- http://support.apple.com/kb/HT4276

- http://secunia.com/advisories/40664/
Last Update: 2010-07-29

Apple security updates
- http://support.apple.com/kb/HT1222

- http://support.apple.com/downloads

Mac OS X v10.6.4 update
- http://support.apple.com/kb/DL1065
July 27, 2010 - "... This update contains all the applicable fixes from the Mac OS X 10.6.4 Update, plus the following specific fixes for iMac (Mid 2010):
• Resolves compatibility and performance-related graphics issues.
• Improves compatibility with large-format SDXC memory cards.
• Adds support for Magic Trackpad..."
- http://support.apple.com/kb/HT4150

Edited by AplusWebMaster, 30 July 2010 - 08:12 PM.

[AplusWebMaster]

FYI...

iOS 4.0.2 Update for iPhone and iPod touch
- http://support.apple.com/kb/HT4291
August 11, 2010

Apple security updates
- http://support.apple.com/kb/HT1222

- http://support.apple.com/downloads

- http://web.nvd.nist....d=CVE-2010-1797
Last revised: 08/21/2010 - "... Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad..."
CVSS v2 Base Score: 9.3 (HIGH)

- http://www.f-secure....s/00002007.html
August 11, 2010 - "... patched the jailbreakme vulnerability... new operating system versions are 4.0.2 for iPhone and iPod Touch and 3.2.2 for iPad..."

- http://www.theregist...e_vuln_patched/
11 August 2010 - "... it may make sense to wait until there's an ample amount of bandwidth available. The iPad update is a whopping 456.9MB in size and the iPhone download is 378MB."

Edited by AplusWebMaster, 24 August 2010 - 06:20 AM.

[AplusWebMaster]

FYI...

QuickTime v7.6.7 released
- http://support.apple.com/kb/HT4290
Aug. 12, 2010 - CVE-2010-1799*

- http://www.apple.com...ktime/download/
(32.9 MB)

Apple security updates
- http://support.apple.com/kb/HT1222

- http://secunia.com/advisories/40729/
Last Update: 2010-08-13
Criticality level: Highly critical
Impact: System access
Where: From remote
... The vulnerability is confirmed in version 7.6.6 (1671) for Windows. Other versions may also be affected.
Solution: Update to version 7.6.7.

* http://web.nvd.nist....d=CVE-2010-1799
Last revised: 08/21/2010 - "... Apple QuickTime before 7.6.7..."
CVSS v2 Base Score: 9.3 (HIGH)

- http://securitytrack...ug/1024336.html
Aug 13 2010

- http://isc.sans.edu/...ml?storyid=9382
Last Updated: 2010-08-13 00:15:28 UTC

Edited by AplusWebMaster, 24 August 2010 - 06:31 AM.

[AplusWebMaster]

FYI...

Apple Security Update 2010-005 released
- http://secunia.com/advisories/41087/
Release Date: 2010-08-25
Criticality level: Highly critical
Impact: Hijacking, Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch
Operating System: Apple Macintosh OS X ...
CVE Reference(s): CVE-2010-0098, CVE-2010-0397, CVE-2010-1129, CVE-2010-1205, CVE-2010-1311, CVE-2010-1800, CVE-2010-1801, CVE-2010-1802, CVE-2010-1808, CVE-2010-2063, CVE-2010-2225, CVE-2010-2484, CVE-2010-2531
Solution: Apply Security Update 2010-005.
Original Advisory: Apple:
http://support.apple.com/kb/HT4312

- http://support.apple.com/downloads/

[AplusWebMaster]

FYI...

iTunes v10 released
- http://support.apple.com/kb/HT4328
September 02, 2010
WebKit: CVE-ID:
CVE-2010-1780, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793

- http://support.apple.com/downloads/

- http://secunia.com/advisories/41149/
Release Date: 2010-09-02
Criticality level: Highly critical
Impact: System access
Where: From remote ...
Solution: Upgrade to version 10.
Original Advisory: Apple:
http://support.apple.com/kb/HT4328

>> http://forums.whatth...=...st&p=680321

Edited by AplusWebMaster, 03 September 2010 - 08:49 AM.

[AplusWebMaster]

FYI...

Safari v5.0.2 / v4.1.2 released
- http://secunia.com/advisories/41085/
Release Date: 2010-09-08
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple Safari 4.x, Apple Safari 5.x
CVE Reference(s): CVE-2010-1805, CVE-2010-1806, CVE-2010-1807
Solution: Update to version 5.0.2 (Mac OS X 10.5.8, Mac OS X 10.6.2 or later, or Windows 7, Vista, or XP SP2) or 4.1.2 (Mac OS X 10.4.11 or Mac OS X 10.5.8 ).
Original Advisory: Apple: http://support.apple.com/kb/HT4333

- http://support.apple.com/downloads/
Safari 4.1.2 for Tiger: Fixes an issue that could prevent users from submitting web forms.
Safari 5.0.2: This update contains improvements to performance, usability, compatibility and security.

- http://securitytrack...ep/1024400.html
Sep 8 2010

[AplusWebMaster]

FYI...

Apple iOS v4.1 released
- http://secunia.com/advisories/41328/
Release Date: 2010-09-09
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
Operating System: Apple iPhone OS (iOS) 4.x, Apple iPhone OS (iOS) for iPod touch 4.x
CVE Reference(s): CVE-2010-1421, CVE-2010-1422, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1791, CVE-2010-1793, CVE-2010-1809, CVE-2010-1810, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1817
Solution: Update to to iOS 4.1 (downloadable and installable via iTunes).
Original Advisory: Apple:
http://support.apple.com/kb/HT4334

- http://securitytrack...ep/1024413.html
- http://securitytrack...ep/1024414.html
Sep 9 2010

Edited by AplusWebMaster, 09 September 2010 - 09:01 AM.

[AplusWebMaster]

FYI...

Quicktime v7.6.8 released
- http://support.apple.com/kb/HT4339
September 15, 2010
CVE-ID: CVE-2010-1818
CVE-ID: CVE-2010-1819

- http://www.apple.com...ktime/download/

Apple security updates
- http://support.apple.com/kb/HT1222

- http://secunia.com/advisories/41213/
Last Update: 2010-09-16
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 7.6.8...

- http://securitytrack...ep/1024452.html
Sep 15 2010 "... prior to 7.6.8..."

Edited by AplusWebMaster, 18 September 2010 - 12:02 PM.

[AplusWebMaster]

FYI...

Apple Security Update 2010-006 released
- http://support.apple.com/kb/HT4361
September 20, 2010
CVE-ID: CVE-2010-1820

- http://support.apple.com/downloads/

- http://securitytrack...ep/1024462.html

[AplusWebMaster]

FYI...

Apple Mac OS X update for Java
- http://secunia.com/advisories/41905/
Release Date: 2010-10-21
Criticality level: Highly critical
Impact: Manipulation of data, Privilege escalation, DoS, System access
Where: From remote
Solution Status: Vendor Patch
CVE Reference(s): CVE-2009-3555, CVE-2010-1321, CVE-2010-1826, CVE-2010-1827
Original Advisory: Apple:
http://support.apple.com/kb/HT4417
http://support.apple.com/kb/HT4418

- http://support.apple.com/downloads/

Edited by AplusWebMaster, 21 October 2010 - 05:24 AM.

[AplusWebMaster]

FYI...

Mac OS X Server v10.6.5 (10H575)
- http://support.apple.com/kb/HT4452
November 15, 2010
CVE-ID: CVE-2010-4011
Available for: Mac OS X Server v10.6 through v10.6.5 (10H574)
Impact: A user may receive mail intended for other users ...

- http://support.apple.com/kb/HT1222

- http://support.apple.com/downloads/

- http://www.securityt....com/id?1024740
Nov 15 2010
- http://secunia.com/advisories/42278/
Release Date: 2010-11-16
___

Mac OS X v10.6.5 Security Update 2010-007
- http://support.apple...oads/#macosx106
November 10, 2010 - "The 10.6.5 Update is recommended for all users running Mac OS X Snow Leopard. It includes Safari 5 and general operating system fixes..."

- http://support.apple.com/kb/HT4435
Last Modified: November 11, 2010
Mac OS X v10.6.5 / Security Update 2010-007

- http://support.apple.com/kb/HT4250

- http://secunia.com/advisories/42151/
Last Update: 2010-11-11
- http://www.securityt....com/id?1024723
Nov 11 2010
___

- https://pgp.custhelp...etail/a_id/2288
UPDATED 11/17/2010 - Mac PGP WDE customers upgrading to Mac OS X 10.6.5

Edited by AplusWebMaster, 24 November 2010 - 06:51 AM.

[AplusWebMaster]

FYI...

Safari v5.0.3 released
- http://secunia.com/advisories/42264/
Release Date: 2010-11-19
Criticality level: Highly critical
Impact: System access, Spoofing, Security Bypass
Where: From remote
Solution Status: Vendor Patch ...
Solution: Update to Safari 5.0.3 (Mac OS X 10.5.8, Mac OS X 10.6.4 or later, Windows 7, Vista, XP) or Safari 4.1.3 (Mac OS X 10.4.11)...

- http://support.apple.com/kb/DL1070

- http://support.apple.com/kb/HT4455

- http://support.apple.com/kb/HT1222

- http://support.apple.com/downloads/

- http://www.securityt....com/id?1024757
Nov 18 2010
CVE Reference: CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3259, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3116, CVE-2010-3257, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826

- http://nakedsecurity...ulnerabilities/
November 19, 2010 - "... If you are a Safari user make sure you apply these updates as soon as possible, as it won't be long before our criminal adversaries attempt to use their disclosure against us..."

Edited by AplusWebMaster, 20 November 2010 - 12:21 PM.

[AplusWebMaster]

FYI...

Apple iOS v4.2 released
- http://support.apple.com/kb/DL1061

- http://support.apple.com/kb/HT4456

- http://support.apple.com/downloads/

- http://techblog.avir...an-cosmetic/en/
November 23, 2010 - "... many changes mainly for iPad owners like multitasking, app folders... more than just these more or less cosmetic fixes... vulnerabilities allow attackers for example to dial out without user knowledge to costly numbers or to take over complete control of the iPhone/iPad/iPod Touch..."

- http://lists.apple.c...v/msg00003.html
APPLE-SA-2010-11-22-1
22 Nov 2010 - iOS 4.2 is now available ...
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad ...
CVE-ID: CVE-2010-0051, CVE-2010-0544, CVE-2010-0042, CVE-2010-1384, CVE-2010-1387, CVE-2010-1392, CVE-2010-1394, CVE-2010-1403, CVE-2010-1405, CVE-2010-1407, CVE-2010-1408, CVE-2010-1410, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1757, CVE-2010-1758, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1791, CVE-2010-1793, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815
___

- http://secunia.com/advisories/42312/

- http://secunia.com/advisories/42314/

- http://www.securityt....com/id?1024768

- http://www.securityt....com/id?1024770

- http://www.securityt....com/id?1024771

- http://www.securityt....com/id?1024772

- http://www.securityt....com/id?1024773

Edited by AplusWebMaster, 23 November 2010 - 02:28 PM.