Mac users running OS X Lion and OS X Mountain Lion are being greeted by two new software updates chock-full of new features and enhancements, as well as the usual bag of fixes. The few remaining Mac users running Apple’s older Snow Leopard operating system also have an update to download and install.
The updates address around four dozen recently disclosed vulnerabilities affecting Mac OS X 10.6 (Snow Leopard), OS X 10.7 (Lion) and OS X 10.8 (Mountain Lion).
All of them are patched in the latest releases from Apple. Mountain Lion users get OS X 10.8.2, while Lion users need to install OS X 10.7.5 to receive these fixes (along with the other changes in that release).
Snow Leopard users get no new features; they need to download and install Security Update 2012-004, which contains only the fixes. So, let’s look at a few examples.
On OS X Lion 10.7.4, remote administrators and people with physical access to the system could obtain account information because of a bug in the Installer.
A fix shipped with OS X Lion 10.7.4 stopped user passwords from being recorded in the system log, but it did not remove the entries that had already been written, so passwords logged before that fix stayed readable on disk.
Apple has addressed this by deleting the log files that contained the passwords. This was a Lion-only bug, meaning Snow Leopard and Mountain Lion users remain unaffected.
Here’s one for the more savvy user – “an attacker may be able to decrypt data protected by SSL.”
Apple explains in a security bulletin that “there are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.”
“The Ruby OpenSSL module disabled the 'empty fragment' countermeasure which prevented these attacks,” says the Mac maker. Apple patched this issue by enabling empty fragments, the bulletin says.
This time around, only OS X Mountain Lion systems remain unaffected.
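The “empty fragment” countermeasure in the bulletin is OpenSSL’s mitigation for the CBC attacks on SSL 3.0/TLS 1.0 (the issue publicised as BEAST): before each application-data record the library sends a zero-length record, so the IV actually used for the data record is not known to the attacker at the moment the plaintext is chosen. OpenSSL lets callers switch this off with `OP_DONT_INSERT_EMPTY_FRAGMENTS`, because some old peers choked on empty records, and that bit is part of the `OP_ALL` bundle of interoperability workarounds. The Ruby snippet below is an added example, not Apple’s patch or the Ruby project’s code: it shows the weak option mask (the bit left set) beside the corrected one (the bit cleared) and a small audit function you can point at the `SSLContext` your own application builds. `build_context` and `audit_context` are helper names chosen for this demo.

```ruby
require 'openssl'

# The OpenSSL option bit that switches OFF the empty-fragment countermeasure.
# With it set, no zero-length record precedes application data on SSL 3.0/TLS 1.0
# CBC connections, so the IV of each data record is predictable to an attacker.
NO_EMPTY_FRAGMENTS = OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS

# Weak configuration: OP_ALL (OpenSSL's interoperability workarounds) includes
# OP_DONT_INSERT_EMPTY_FRAGMENTS. The bit is OR'ed in explicitly so the example
# reads the same on every OpenSSL build.
WEAK_OPTIONS = OpenSSL::SSL::OP_ALL | NO_EMPTY_FRAGMENTS

# Corrected configuration: keep the other workarounds, clear the single bit that
# disabled the countermeasure.
FIXED_OPTIONS = WEAK_OPTIONS & ~NO_EMPTY_FRAGMENTS

# True when a context built with +options+ will insert empty fragments.
# (OpenSSL only needs them for SSL 3.0/TLS 1.0 CBC; TLS 1.1+ uses explicit IVs.)
def empty_fragments_enabled?(options)
  (options & NO_EMPTY_FRAGMENTS).zero?
end

# Demo helper: build an SSLContext with an explicit option mask.
def build_context(options)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.options = options
  ctx
end

# Audit a live SSLContext and return a small report hash.
def audit_context(ctx)
  opts = ctx.options
  on = empty_fragments_enabled?(opts)
  {
    empty_fragments: on,
    options_hex: format('0x%08x', opts),
    verdict: on ? 'countermeasure ON' : 'countermeasure OFF (CBC attacks possible on SSL 3.0/TLS 1.0)'
  }
end

if __FILE__ == $0
  puts "weak mask   : #{audit_context(build_context(WEAK_OPTIONS))}"
  puts "fixed mask  : #{audit_context(build_context(FIXED_OPTIONS))}"
  # Whether a bare SSLContext.new reports ON depends on the Ruby/OpenSSL versions installed.
  puts "bare default: #{audit_context(OpenSSL::SSL::SSLContext.new)}"
end
```

Two caveats for anyone running this: the countermeasure only matters when SSL 3.0 or TLS 1.0 with a CBC suite is actually negotiated, so it is a stop-gap rather than a substitute for disabling those protocol versions, and a bare `SSLContext.new` may or may not have the bit set depending on your Ruby and OpenSSL versions, which is exactly why the audit is worth running against the context your code really uses.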
And here’s one that affected everything from Mac OS X v10.6.8 (Snow Leopard) to OS X v10.8.1 (the last Mountain Lion release before this update).
An attacker with “a privileged network position” (that is, one able to sit between the user and the server they are talking to) could intercept user credentials or other sensitive information.
Cupertino explains: “TrustWave, a trusted root CA, has issued, and subsequently revoked, a sub-CA certificate from one of its trusted anchors. This sub-CA facilitated the interception of communications secured by Transport Layer Security (TLS).”
To patch the flaw, Apple added the sub-CA certificate involved to OS X's list of untrusted certificates. An explicit distrust entry blocks the certificate even on systems that would never consult the issuing CA's revocation data before accepting a chain.
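The point of a distrust list is that a certificate which is otherwise perfectly valid, and chains to a trusted root, is rejected anyway. The Ruby example below is added here to illustrate that mechanism; it is not Apple’s code and does not reproduce how OS X stores its untrusted-certificate list. It builds a throwaway PKI (a constructed root, sub-CA and server certificate with made-up names), verifies the server certificate normally, then verifies again with the sub-CA’s SHA-256 fingerprint on a distrust list. `make_cert`, `build_demo_pki`, `fingerprint` and `chain_trusted?` are names chosen for this demo.

```ruby
require 'openssl'

# --- Constructed demo PKI (not real certificates) -----------------------------
# Build one X.509 v3 certificate; self-signed when issuer_cert is nil.
def make_cert(subject:, key:, serial:, ca:, issuer_cert: nil, issuer_key: nil)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse(subject)
  cert.issuer = issuer_cert ? issuer_cert.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer_cert || cert
  cert.add_extension(ef.create_extension('basicConstraints', ca ? 'CA:TRUE' : 'CA:FALSE', true))
  cert.add_extension(ef.create_extension('keyUsage', ca ? 'keyCertSign, cRLSign' : 'digitalSignature, keyEncipherment', true))
  cert.add_extension(ef.create_extension('subjectKeyIdentifier', 'hash'))
  cert.sign(issuer_key || key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Root -> Sub-CA -> server certificate, all generated in memory for the demo.
def build_demo_pki
  root_key = OpenSSL::PKey::RSA.new(2048)
  sub_key  = OpenSSL::PKey::RSA.new(2048)
  leaf_key = OpenSSL::PKey::RSA.new(2048)
  root   = make_cert(subject: '/CN=Demo Root CA', key: root_key, serial: 1, ca: true)
  sub_ca = make_cert(subject: '/CN=Demo Sub-CA', key: sub_key, serial: 2, ca: true,
                     issuer_cert: root, issuer_key: root_key)
  leaf   = make_cert(subject: '/CN=mail.example.test', key: leaf_key, serial: 3, ca: false,
                     issuer_cert: sub_ca, issuer_key: sub_key)
  { root: root, sub_ca: sub_ca, leaf: leaf }
end

DEMO = build_demo_pki

# SHA-256 over the DER encoding: the usual key for a distrust list.
def fingerprint(cert)
  OpenSSL::Digest::SHA256.hexdigest(cert.to_der)
end

# Verify +leaf+ against +roots+, but fail any chain that passes through a
# certificate on +distrusted+, even though that certificate is signed by a
# trusted anchor and not expired. This is what an OS-level list of untrusted
# certificates achieves: it needs no CRL or OCSP lookup to take effect.
def chain_trusted?(leaf, intermediates, roots, distrusted)
  store = OpenSSL::X509::Store.new
  roots.each { |r| store.add_cert(r) }
  store.verify_callback = lambda do |preverify_ok, ctx|
    next false if distrusted.include?(fingerprint(ctx.current_cert))
    preverify_ok # keep OpenSSL's own verdict for everything else
  end
  store.verify(leaf, intermediates)
end

if __FILE__ == $0
  puts "normal chain      : #{chain_trusted?(DEMO[:leaf], [DEMO[:sub_ca]], [DEMO[:root]], [])}"
  puts "sub-CA distrusted : #{chain_trusted?(DEMO[:leaf], [DEMO[:sub_ca]], [DEMO[:root]], [fingerprint(DEMO[:sub_ca])])}"
end
```

The second call fails purely because of the distrust entry: the root is still trusted and the sub-CA is still validly signed, which is the situation the bulletin describes.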
All this (and much more) is detailed in Apple's support document HT5501, “About the security content of OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004.”