14 DAY TRIAL // After iTunes, now it's time for Safary, Apple TV, iOS and OS X Lion to get new security updates which will make sure Apple enthusiasts are better protected against potential attacks.
As it turns out, a large number of vulnerabilities were present in some of their products and before any criminal mastermind would learn of them, they released Numbers for iOS v1.5, Pages for iOS v1.5, Safari 5.1.1, OS X Lion v10.7.2, iOS 5 and Apple TV 4.4, all of which contain several improvements that fix the issues which allowed for a system to be exploited.
To begin with, the previous version of iOS had a lot of problems with components like CalDAV, Calendar, CFNetwork, CoreFoundation and Data Security. Weak spots such as script injection issues, logs that should not have existed and the existence of memory corruption in some places could have allowed a cybercriminal to execute arbitrary code or to easily obtain the credentials of a customer.
The new variant of Apple TV makes sure that the rogue DigiNotar certificates can no longer affect a system while protecting it against malicious code execution and man-in-the-middle attacks.
A device might have been easily reset by a remote attacker as the apps kernel failed to promptly reclaim memory from incomplete TCP connections, which allows a hacker to exhaust all the resources.
OS X Lion no longer suffers from Apache, firewall, file system or iChat server flaws, the weakness in the latter allowing for a remote attacker to cause the Jabber server to consume system reserves disproportionately. Also, due to a flaw in IOGraphics an individual with physical access was able to bypass the screen lock.
Safari also got all its 43 holes patched, some of which may have led to the execution of arbitrary Javascript that hid itself in browser extensions. SSL certificate-related vulnerabilities were also taken care of and cross-site scripting attacks are no longer possible, as the document cross-origin problem was fixed.
Maliciously crafted Microsoft Word files can no longer do damage as the new edition of Pages deals with the memory corruption concern that existed in the way documents were handled. Numbers also took benefit from a similar improvement which will prevent any hits that may have come from running a malevolent Excel sheet.