Apple has released a set of updates for its products

Yesterday, the company released updates for its Apple TV products, iOS and OS X Mavericks operating systems, as well as for the Safari web browser. Updates fix a wide range of vulnerabilities that could be exploited by cybercriminals. WebKit engine has undergone the most corrections. Using vulnerabilities in WebKit, attackers can remotely execute arbitrary code in a browser. In modifications of WebKit, which are used in iOS and Apple TV, 28 such Remote Code Execution vulnerabilities are fixed.



About the fixed vulnerabilities for iOS 7, we wrote in detailin the previous post. Updates for Apple TV fix the same vulnerabilities that were discovered in iOS 7 components, with the exception of CVE-2014-1383. This vulnerability could be used by cybercriminals to conduct transactions in the iTunes Store without authorization. The attacker must already have access to the unlocked device and can bypass the repeated request for password confirmation in the iTunes Store.

The fixed Safari vulnerabilities (WebKit component) are relevant for versions 6.1.5 and 7.0.5 on OS X Lion 10.7.5, OS X Lion Server 10.7.5, OS X Mountain Lion 10.8.5 and OS X Mavericks 10.9.3.



The vulnerabilities fixed for OS X Mavericks are listed below.



(continued)




be secure.