On Wednesday, October 12, Apple released a large security update for the OS X Lion (10.7) version of their operating system. The update also addresses several security vulnerabilities identified in version 10.6.8. It is recommended that the security update be applied as soon as possible.
Additional information regarding the products that are patched in the update can be found at http://support.apple.com/kb/HT5002
Details available from secunia.com
http://secunia.com/advisories/46417/
Criticality level Highly critical
Impact Hijacking
Security Bypass
Exposure of system information
Exposure of sensitive information
Privilege escalation
System access
Where From remote
Description
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
1) Some vulnerabilities exist in Apache, BIND, CoreFoundation, CoreMedia, iChat Server, Mailman, Postfix, PHP, Python, QuickTime, Tomcat, and X11:
Update October 13 2:30 p.m.
Some systems have experienced problems with the implementation of the latest Apple OS X operating system update. At least one of the problems was associated with the use of Symantec PGP. Please see the following URL for additional information – http://isc.sans.edu/diary/Critical+OS+X+Vulnerability+Patched/11797