A bug in Apple’s Core Text technology is at the core of denial of service conditions on iOS and Mac OS X caused by a string of Arabic text making the rounds online.
Browsing Category: Apple
Attackers looking to exploit a previously disclosed and apparently still unpatched bug in sudo, a Unix-based Linux command found in most Apple OS X builds have gotten a little more help this week.
Apple claims it will fix a previous disclosed flaw in its mobile operating system that can allow hackers complete access to an iPhone or iPad via a fake USB charger.
Several days after taking its developer Web site down without a mention of the reason, Apple has revealed that attackers had breached the site. The company said that while it can’t rule out the theft of developers’ data, all of the sensitive personal information was encrypted.
Apple has one of the more gilded consumer brands and the company spends a lot of time and money to keep it that way. Consumers love Apple. Scammers and attackers do too, though, and security researchers in recent months have seen a major spike in the volume of phishing emails abusing Apple’s brand, most of which are focused on stealing users’ Apple IDs and payment information.
An iPhone user has managed a screen-lock bypass on the beta version of Apple iOS 7, which has been available since Monday.
There is a cross-site scripting vulnerability in the Apple Store Web site that is exposing visitors to potential attack. The vulnerability was discovered by a German security researcher who says he informed Apple about the problem in mid-May, but the vulnerability still exists.
Apple has updated both OS X and its Safari browser, fixing a pile of security vulnerabilities, many of which can be used for remote code execution. The release of OS X Mountain Lion 10.8.4 includes patches for more than 30 bugs, most notably a set of fixes for vulnerabilities in Ruby, some of which are being exploited at this point.
Apple released QuickTime 7.7.4 for Windows, which patched a handful of vulnerabilities, some which could have led to arbitrary code execution and caused the program to unexpectedly terminate.