Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple Releases Patches for All Products - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Releases Patches for All Products

Apple today released patches for most (all?) of its operating systems. For more details from Apple, see

- OS X has been updated to 10.9.4 (Security Update 2014-003). The security update is also available for older versions of OS X.
- Safari has been updated to 6.1.5 and 7.0.5
- iOS has been updated to 7.1.2
- Apple TV has been updated to 6.2.

The largest common source of patches for all of these products is WebKit. The updates should be applied in a timely manner. There is no indication at this point about active exploits. The iOS update also patches a problem that would allow an attacker to bypass activation lock, as well as an lock screen bypass that has been demoed publicly a couple weeks ago.

Johannes B. Ullrich, Ph.D.

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022


4479 Posts
ISC Handler
Jul 1st 2014
True to form, Apple has yet to update their security page since late may - smh.

Check back again after the folks in Cupertino have had their fruit juice and a few more hours of sleep. Maybe noon everyone else's time?

Sign Up for Free or Log In to start participating in the conversation!