Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple Updates - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Updates

Microsoft had their monthly patch day this past Tuesday.  Mozilla released new versions of Firefox.  Oracle and Adobe pushed theirs back a week, so look for them next week.  Cisco released their update to coincide with Microsoft's.  Well, not to be left out, Apple also released a number of updates this week.  Some of these look like they could be rather serious, so if you are using any of the affected software, you should probably update ASAP.

  • iPhone OS 3.1 and iPhone OS 3.1.1 for iPod Touch - covers CVE-2009-2206, CVE-2009-2794, CVE-2009-2207, CVE-2009-2795, CVE-2009-2815, CVE-2009-2796, CVE-2009-2797, CVE-2009-1725, CVE-2009-1724, and CVE-2009-2199
  • QuickTime 7.6.4 -  covers CVE-2009-2202, CVE-2009-2203, CVE-2009-2798, and CVE-2009-2799
  • Mac OS X v10.6.1 - which fixes the downgrade of the Adobe Flash player that occurred when upgrading to 10.6
  • Security Update 2009-005 - this update applies to the 10.4 and 10.5 branches of OS X (including PowerPC versions) and fixes issues with Alias Manager, CarbonCore, ClamAV, ColorSync, CoreGraphics, CUPS, Flash Player plug-in, ImageIO, Launch Services, MySQL, PHP, SMB, and the Wiki Server.

Jim Clausing, jclausing --at-- isc [dot] sans (dot) org

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS DFIR Summit & Training 2022


423 Posts
ISC Handler
Sep 12th 2009

Sign Up for Free or Log In to start participating in the conversation!