Apple's 48 Security Fixes Include iPhone Updates
Apple on Tuesday pushed out security updates to fix at least four dozen security holes in its Mac OS X operating system and other software. Perhaps most notable among the patches are several designed to plug security holes in Apple's much-hyped iPhone. Also included in the patch bundles was another set of security fixes for the beta version of Apple's Safari browser designed for use on Microsoft Windows machines.
Most people have probably never updated their mobile phone to accommodate security updates (many mobile phone providers push these updates out over the phone itself with nagging prompts to the user). Still, as the iPhone is essentially a pricey mini computer, people who have rushed to purchase the device should probably get used to updating it. For better or for worse, the security research community seems to have painted a bullseye on the iPhone, perhaps with the aim of making a name for themselves for finding exploitable security holes in what may be one of the most cleverly-hyped pieces of technology to date.
Apple reports that iPhone users will need to fetch the fixes via iTunes. The instructions, per Apple's Web site:
"The updates will not appear in your computer's Software Update application, or in the Apple Downloads site When the iPhone is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting "don't install" will present the option the next time you connect your iPhone."
Interestingly, Apple appears to have fixed a few vulnerabilities in its implementation of Samba, a suite of programs that facilitate file-sharing between OS X and Windows computers. This functionality is not turned on by default on Mac systems, but any Mac users who have decided to avail themselves of this feature should apply this latest update. Exploit code showing bad guys exactly how to attack the flaw to compromise vulnerable Mac systems has been posted online, and analysis from anti-virus giant Symantec Corp. indicates that the instructions can be used to compromise unpatched Macs, albeit with slight alterations in the code.
The updates for Mac OS X are available via the built-in Software Update feature or directly from Apple Downloads. Windows users of the Safari Beta can use the bundled Apple Software Update application to retrieve the fixes.
The comments to this entry are closed.