In association with heise online

13 October 2011, 11:19

Apple releases Mac OS X 10.7.2 and Safari 5.1.1

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Mac OS X Lion Apple has released Mac OS X 10.7.2 and, for Mac OS X 10.6.8 Snow Leopard users who have yet to upgrade to Lion, Security Update 2011-006; these updates address a number of security vulnerabilities in the company's desktop and server operating systems. According to Apple, more than 70 holes have been closed by the updates, many of which could be exploited by an attacker to remotely execute code with elevated privileges, gain access to private information, or cause a denial-of-service (DoS).

Mac OS X 10.7.2 and Security Update 2011-006 fix issues in the QuickTime media player, iChat Server, CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, and the kernel, as well as IOGraphics, MediaKit and Open Directory. Other problems addressed by the update include security vulnerabilities in Apache, the Application Firewall, the BIND DNS server, PHP, Python, the SMB File Server, Tomcat and X11. Various root certificates were also added or updated.

The company also released an update for its Safari web browser for Windows and Mac OS X. Version 5.1.1 of Safari corrects a total of 43 security vulnerabilities, most of which are memory corruption issues in the WebKit browser engine that could be exploited to execute arbitrary code. Directory traversal, policy, and uninitialised memory access issues have also been fixed.

Users can download Safari 5.1.1, Mac OS X Lion 10.7.2 (Server Standard Update 842.49 MB, Server Combo Update 892.24 MB, Client Standard Update 768.84 MB, Client Combo Update 818.59 MB) and Security Update 2011-006 (Client 136.28 MB, Server 144.91 MB) from Apple's Support Downloads page. Alternatively, Mac OS X users can upgrade to the latest releases via the built-in Software Update function. All users are advised to upgrade as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit