Apple has released Security Update 2014-002 for 10.8 Mountain Lion, 10.7 Lion, and 10.7 Lion Server, with many of the same security fixes applied to the recently released OS X 10.9.4 Mavericks (see “OS X 10.9.4 Includes Wi-Fi, Wake from Sleep Fixes,” 30 June 2014). All three releases receive updates to the certificate trust policy, as well as fixes for vulnerabilities in maliciously crafted ZIP files, cURL re-using NTLM connections, and the Dock’s handling of messages from applications. The Mountain Lion Security Update also patches vulnerabilities related to a kernel memory issue with graphics drivers, a validation issue in the handling of OpenCL API calls, and array indexing with IOAcceleratorFamily (see the full list of patched vulnerabilities). (All updates are free. For 10.8 Mountain Lion, 139.3 MB; for 10.7 Lion, 134 MB; for 10.7 Lion Server, 184.3 MB.)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.