Industry News

Apple Updates Safari, OS X Mavericks, Apple TV and iOS Following Critical Vulnerabilities

Apple has issued four updates for Safari, OS X Mavericks, Apple TV and iOS because of 38 vulnerabilities published in NIST’s National Vulnerability Database.

All vulnerabilities were publicly disclosed a day after they were patched. One of the vulnerabilities scored Security Database‘s highest rank in terms of complexity while  16 were of medium rank and 21 were of the lowest rank. When it comes to overall severity score, the average was 6.2 out of 10.

Apple Employees Hacked via Java Plugin Exploit

“Securing the device is paramount, regardless of the software platform they are running,” said Bitdefender’s Senior E-Threat Analyst Bogdan Botezatu. “By simply visiting a link, vulnerable users can be forced to run malicious code and compromise their device’s security.”

All four Apple updates targeted a long series of remote code execution vulnerabilities into some of the company’s best-known products, such as OS X, Apple TV, iOS and the Safari browser.

“If you are running a vulnerable version, it is highly recommended that you update now and complement your operating system’s defense mechanisms with an antimalware solution,” Botezatu said.

Nine of the vulnerabilities were ranked with a 10 overall vulnerability score due to their severity, meaning they could have allowed an attacker to execute arbitrary code or cause denial-of-service. The most severe were located in the iOS and OS X graphic drivers.

Also, 13 important vulnerabilities were ranked with an overall medium severity score of 6.8, most of them affecting the WebKit and allowing attackers to execute code or crash certain applications.

Even the lowest severity score, of 1.9, was given to an iOS lock-screen vulnerability that allowed attackers to brute-force the lock-screen password.

The vulnerabilities were registered from CVE-2014-1317, CVE-2014-1325, CVE-2014-1340, CVE-2014-1345, and between CVE-2014-1348 and CVE-2014-1382.

About the author

Lucian Ciolacu

Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited. Besides digging for 'hacker' scoops and data leaks, he enjoys sports, such as football and tennis.
He has also combined an interest for social and political sciences, as a graduate of the Political Science Faculty, with a passion for guitar and computer games.