Secure IT Alert for Thursday, February 2, 2012
If you are running a current version of Apple Mac OS X, 10.6.x or OS X 10.7.x (Snow Leopard & Lion respectively), then you are vulnerable to exploits that these patches correct.
These security flaws could potentially allow an attacker to execute code on your computer after you visit a malicious web site or download/view affected documents or files, or allow Denial of Service (DoS) or even elevation of privileges.
How do you fix this? Apple has released OS X Security Update 2012-001 and OS X 10.7.3 to fix these security problems – UPDATE ASAP.
The 52 security vulnerabilities affect 27 components that are part of OS X and OS X server. Some of the affected software includes: Apache, OpenGL, PHP, QuickTime and Time Machine.
A few examples:
Buffer overflow vulnerability in ImageIO – View a malicious image and it could result in a crash of an application, or code to be executed on your computer. The upside is, it would only execute with your privileges.
Buffer overflow vulnerability in CoreAudio – Play a malicious audio file and experience a crash of your system, or execute code with your privileges.
QuickTime vulnerabilities – Six of these babies could mean that if you open a malicious image or video in QT, code could be executed with your privileges.
The full update information can be found at http://support.apple.com/kb/HT5130
Should you require assistance in applying these updates, do not hesitate to call us in the Greenville or Upstate SC area at 864.990.4748 or email firstname.lastname@example.org