Apple has released the following security updates:
Security Update 2011-002 addresses a vulnerability in the Certificate Trust Policy for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.7, Mac OS X Sever v10.6.7. Exploitation of this vulnerability may allow an attacker to intercept user credentials, or obtain…
Read more at: US-CERT Current Activity
Apple has released the following security updates:
Security Update 2011-002 addresses a vulnerability in the Certificate Trust Policy for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.7, Mac OS X Sever v10.6.7. Exploitation of this vulnerability may allow an attacker to intercept user credentials, or obtain sensitive information.
Safari 5.0.5 addresses two vulnerabilities affecting the WebKit package. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
iOS 4.2.7 Software Update for iPhone addresses multiple vulnerabilities affecting the Certificate Trust Policy, QuickLook, and WebKit Packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, intercept user credentials, or obtain sensitive information.
iOS 4.3.2 Software Update addresses multiple vulnerabilities affecting the Certificate Trust Policy, libxslt, QuickLook, and WebKit. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, intercept user credentials, or obtain sensitive information, or bypass security restrictions.
US-CERT encourages users and administrators to review Apple articles HT4608, HT4596, HT4607, and HT4606 and apply any necessary updates to help mitigate the risks.
Read more at: US-CERT Current Activity