Apple security updates for Mac, iOS, and AirPort

Summary:A total of 33 vulnerabilities patched, most in iOS. Only the Airport Base Station was vulnerable to Heartbleed.

On Tuesday, Apple released numerous security updates for iOS, OS X, and the AirPort Base Station.

Security Update 2014-002 for OS X Lion (10.7.x), Mountain Lion (10.8.x), and Mavericks(10.9.x) fixes a total of 13 vulnerabilities in a wide variety of system components, including image processing, HTTP protocol, and Ruby.

An SSL bug that allowed a "triple handshake" attack that could reveal the contents of communications was patched, but this is separate from the Heartbleed bug. Apple has not used OpenSSL in iOS or OS X for some time.

But the AirPort Base Station does still use OpenSSL, and a firmware update to that device patches the Heartbleed bug.

iOS 7.1.1, in addition to  fixing some non-security bugs , plugs 19 security holes in the operating system, 16 of them in the WebKit browser engine in Safari. The oldest of these was reported to Google in May of 2013 and patched in July.

Topics: Security, Apple


Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.