Apple has published updates for all supported versions of OS X and for Safari version 6.
A largish number of remote code execution vulnerabilities have been patched, so these aren't just cosmetic fixes.
Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.
Apple just released iOS 6.1.4 for the iPhone 5.
Apparently, it improves speakerphone calls, but it doesn't fix the lock-screen bug in iOS 6.1.3...
Apple has pushed out a Safari update to go along with this week's "Java Tuesday" fix.
It's supposed to give you finer-grained control over Java in your browser.
Paul Ducklin puts it through its paces...
The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.
But this year, Oracle has adapted that schedule a number of times, and this is one of them...
To some of us, two-factor authentication (2FA) is a welcome aspect of online security; to others, token or SMS-based login codes are just extra online hassle we'd rather do without.
Duck and Chet help you evaluate the risks and rewards of 2FA in this enjoyable quarter-hour podcast.
We've written recently about Apple and Automattic starting to offer two-factor authentication (2FA) for online accounts.
Word on the street says that Microsoft will soon be doing the two-step, too...
Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet?
Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and newsworthy topics from the world of computer security.
Apple has had a good-bad-good-bad week of it in the computer security environment.
Its announcement of two-step verification for some users was quickly followed by a report of a password recovery exploit for everyone else...
After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.
Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...
iOS 6.1.3 has only just been released by Apple, and already a security hole has been followed - allowing anyone to bypass the passcode lock on iPhones, and access private data on the device.
Anyone else getting a sense of Deja Vu?
It's that time of the week again - here's your roundup of everything we wrote in the last seven days.
Apple ships OS X 10.8.3 - 11 remote code execution vulns patched, Snow Leopard and Lion get fixes too
Apple has shipped the latest point release of its flagship Mountain Lion (OS X 10.8) operating system.
There are plenty of security fixes in there, which Snow Leopard (10.6) and Lion (10.7) users get too, in standalone security updates.
Last year, a Googler named Dr. Elie Bursztein noticed that Apple's App Store protocols were using HTTP where HTTPS would have been much better.
Some time later, Apple has changed its ways.
Paul Ducklin explains why it matters...