Security Update 2014-002 is out (as of yesterday) and it contains some extremely important vulnerability fixes.
You can read all about it from Apple at the link above.
Components:
- CFNetwork HTTPProtocol
- CoreServicesUIAgent
- FontParser
- Heimdal Kerberos
- ImageIO
- Intel Graphics Driver
- IOKit Kernel
- Kernel
- Power Management
- Ruby
- Security - Secure Transport
- WindowServer
… feature updates for various operating systems from 10.7.x through 10.9.2, although each component is not updated for all operating systems. The key risks associated with not updating include creation of WindowServer sessions by sandboxed apps, man-in-the-middle attacks for SSL, situations where screen lock does not occur when it should, buffer overrun issues that could allow maliciously crafted applications, images and PDFs to execute code arbitrarily, user access to kernel pointers that defeats memory space randomization, and potential access to unprotected cookie content (and, therefore, access to secure sites) by stopping an in-progress HTTP header transfer before security data is finalized.
For Mavericks users, this update also contains the security content of Safari 7.0.3. Issues addressed in this release of Safari cover multiple memory corruption issues existing in WebKit.
Click here to launch the Mac App Store’s Updates
Remember, on Mavericks all updates default to automatic, but system updates require a restart and if an app is loaded it cannot update. Check the Notification Center to see if you have missed an alert. The Mac App Store updates tab will also show all updates installed in the last 30 days, in order of most recent first.
FYI, this is the device I use to keep my iMac device batteries charged. It is many levels above the typical retail device, and now it is available for 30% off what I paid!
No comments:
Post a Comment