OS X

(get it in RSS or Atom)

Apple fixes 41 iTunes security flaws, some more than a year old

by Chester Wisniewski on May 17, 2013 | 12 Comments

Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.

Mac malware found in malformed Word documents - is China to blame?

by Graham Cluley on April 25, 2013 | 2 Comments

Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents.

Who could possibly be interested in targeting their computers?

Monday review - the hot 32 stories of the week

by Anna Brading on March 18, 2013 | Leave a comment

Monday review - the hot stories of the week

It's that time of the week again - here's your roundup of everything we wrote in the last seven days.

Apple ships OS X 10.8.3 - 11 remote code execution vulns patched, Snow Leopard and Lion get fixes too

by Paul Ducklin on March 15, 2013 | 7 Comments

Apple has shipped the latest point release of its flagship Mountain Lion (OS X 10.8) operating system.

There are plenty of security fixes in there, which Snow Leopard (10.6) and Lion (10.7) users get too, in standalone security updates.

Apple finally adopts HTTPS for the App Store - here's why it matters

by Paul Ducklin on March 9, 2013 | 6 Comments

Last year, a Googler named Dr. Elie Bursztein noticed that Apple's App Store protocols were using HTTP where HTTPS would have been much better.

Some time later, Apple has changed its ways.

Paul Ducklin explains why it matters...

Oracle ships out-of-band Java fix, Apple follows suit

by Paul Ducklin on March 6, 2013 | 16 Comments

Oracle recently published an emergency update for Java, and Apple quickly followed suit for the version of Java it still officially supports.

Paul Ducklin tries to guess where Oracle's Java patch cycle will end up...

Apple bans outdated Adobe Flash plugins from Safari

by Paul Ducklin on March 4, 2013 | 5 Comments

Last week, Apple showed that it is getting more serious about security by getting strict about the version of Flash you're allowed to use in Safari.

Paul Ducklin explains the what and the why...

Apple's own Macs bitten by Java-based malware attack

by Chester Wisniewski on February 19, 2013 | 6 Comments

Apple released a statement today acknowledging that they were victims of the same attackers that Facebook talked about last week. A zero-day Java vulnerability infected Apple Mac developers through a drive-by attack.

More Mac malware attacking minority groups in China

by Paul Baccas on February 15, 2013 | 4 Comments

A targeted Mac malware attack strikes a minority group in China, exploiting an old Microsoft Word vulnerability.

No patch yet for Adobe PDF exploits - Adobe suggests a workaround; Mac and Linux users need not apply

by Paul Ducklin on February 14, 2013 | 21 Comments

No patch yet for Adobe PDF exploits - Adobe suggests a workaround, but Mac users need not apply

Adobe issues advice on how to mitigate the latest exploits against its PDF Reader software.

For Windows users, anyway. Mac and Linux fans are still out in the cold.

Anatomy of a bug - how Mac OS X chokes if you say "FILE"

by Paul Ducklin on February 6, 2013 | 28 Comments

Heard about the OS X bug that crashes programs if you display the text FILE colon slash slash slash? (We're not going to write it here in full, just in case!)

It's an intriguing problem - Paul Ducklin explains what goes wrong, and offers you two workarounds.

Apple and Mozilla - 'Just say no to Java'

by Chester Wisniewski on January 11, 2013 | 12 Comments

After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.