Apple security updates for Mac, iOS, and AirPort

A total of 33 vulnerabilities patched, most in iOS. Only the Airport Base Station was vulnerable to Heartbleed.

On Tuesday, Apple released numerous security updates for iOS, OS X, and the AirPort Base Station.

Security Update 2014-002 for OS X Lion (10.7.x), Mountain Lion (10.8.x), and Mavericks(10.9.x) fixes a total of 13 vulnerabilities in a wide variety of system components, including image processing, HTTP protocol, and Ruby.

An SSL bug that allowed a "triple handshake" attack that could reveal the contents of communications was patched, but this is separate from the Heartbleed bug. Apple has not used OpenSSL in iOS or OS X for some time.

But the AirPort Base Station does still use OpenSSL, and a firmware update to that device patches the Heartbleed bug.

iOS 7.1.1, in addition to  fixing some non-security bugs , plugs 19 security holes in the operating system, 16 of them in the WebKit browser engine in Safari. The oldest of these was reported to Google in May of 2013 and patched in July.

Related Topics:

Apple Security TV Data Management CXO Data Centers

More from Larry Seltzer

Related Stories

    • 1 of 3