Apple has released Security Update 2014-002 with security fixes for OS X 10.9 Mavericks, as well as for those still using 10.8 Mountain Lion, 10.7 Lion, and 10.7 Lion Server. According to the release notes, the security update patches a vulnerability with HTTP headers that enabled attackers to obtain Web site credentials, which affected all three versions of OS X. It also fixes a particularly ugly vulnerability to a “triple handshake” attack that could affect both Mavericks and Mountain Lion. However, the bulk of the changes focus on Mavericks, addressing vulnerabilities with CoreServicesUIAgent Web site validation, Heimdal Kerberos authentication, ImageIO’s handling of JPEG images, and a power management issue that could prevent the system from going to sleep and keep the screen unlocked. (All updates are free. For 10.9 Mavericks, 80.5 MB; for 10.8 Mountain Lion, 135.9 MB; for 10.7 Lion, 126.9 MB; for 10.7 Lion Server, 177.2 MB.)
Disinfect Your Keyboard
Keyboards, particularly those shared by multiple people, harbor huge quantities of bacteria. If you want to reduce the chances of picking up your co-worker's cold, you can disinfect your keyboard with disinfecting wipes. To avoid damage to the keyboard, be sure to:
- Unplug the keyboard before disinfecting it.
- Squeeze out any excess liquids from the cloth to avoid liquid dripping into the keyboard.
- Don't let any liquid from the wipe sit for long periods of time on the keyboard.
- Don't scrub the keyboard, just lightly wipe down. Rubbing too hard leaves behind more lint.
- Avoid cleansing cloths that contain bleach.
Visit Das Keyboard
Security Update 2014-002 (Mavericks, Mountain Lion, and Lion)
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Kris Markel, Andrew Rodger, Colin Phillips, and
Richard Wilson for their generous support!