There is a cross-site scripting vulnerability in the Apple Store Web site that is exposing visitors to potential attack. The vulnerability was discovered by a German security researcher who says he informed Apple about the problem in mid-May, but the vulnerability still exists.
Browsing Category: Apple
Apple has updated both OS X and its Safari browser, fixing a pile of security vulnerabilities, many of which can be used for remote code execution. The release of OS X Mountain Lion 10.8.4 includes patches for more than 30 bugs, most notably a set of fixes for vulnerabilities in Ruby, some of which are being exploited at this point.
Apple released QuickTime 7.7.4 for Windows, which patched a handful of vulnerabilities, some which could have led to arbitrary code execution and caused the program to unexpectedly terminate.
Another sample of the Mac OS X spyware discovered last week has been found in the wild, security company F-Secure said.
Mac spyware was discovered on the computer of an activist attended a free speech workshop in Oslo.
Nearly a year since the Flashback Trojan surfaced and ultimately infected more than 600,000 Apple OS X computers, the author of the malware may haven been discovered.
Less than a day after Apple announced a new two-factor authentication to better protect Apple ID and iCloud accounts, the company was scrambling to fix another major security hole with its own password reset tool.
Apple has introduced a new two-factor authentication system designed to help protect users’ iTunes and App Store accounts and prevent attackers or unauthorized users from taking over users’ accounts. The system is similar to the one that Google has implemented for Gmail, utilizing verification codes sent via SMS.
Apple has patched a handful of security vulnerabilities in iOS, including a bug that was used for the latest iPhone jailbreak tool, called Evasion. Apple iOS 6.1.3 has patches for six vulnerabilities, including the screen lock bypass bug and a flaw in WebKit that can be used to execute arbitrary code.