(LiveHacking.Com) – Following the recent update of iOS, Apple has now applied a similar set of fixes to the desktop version of Safari as well as adding a new security measure which disables Adobe Flash Player if it is older than 10.1.102.64. At the same time Apple has also released an update to OS X Lion to fix the logging of passwords for FileVault and has updated a few key components like PHP and Samba.
Apple’s web browser is built around the WebKit layout engine, which Apple started (as a fork of KHTML) back in 2001. It is now used as the layout engine for Safari and for Google’s Chrome. As a result, when Google finds security vulnerabilities in Chrome that are due to WebKit, they often need fixing in Safari as well. The fixes in Safari 5.1.7 are all related to WebKit:
- The first fix is for the cross-site scripting issues that were used by Sergey Glazunov during Google’s Pwnium contest. Apple fixed the same issues recently in iOS 5.1.1. Details of the exact nature of Sergey’s exploit are still unavailable but it is known that WebKit doesn’t properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a “Universal XSS (UXSS)” issue.
- The second fix, which also comes via Google, is a memory corruption issue. According to Apple, visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
- The third flaw to be repaired is a state tracking issue that existed in WebKit’s handling of forms. Due to this bug a maliciously crafted website may be able to populate form inputs on another website with arbitrary values.
As well as fixing these critical errors, Apple also added a new security feature which disables Adobe Flash Player if it is older than 10.1.102.64. It does this by moving the Flash files to a new directory. However, all is not lost, as the user is presented with the option to install an updated version of Flash Player from the Adobe website.
OS X Lion
Alongside the Safari release, Apple also released OS X Lion v10.7.4 and Security Update 2012-002 (for OS X Snow Leopard). The big ticket item in this update is the disabling of the debugging switch which meant that FileVault passwords were being written to a debug log in plain text. According to Apple, this issue only affects systems running OS X Lion v10.7.3 with users of Legacy FileVault and/or networked home directories. They also have a web page (http://support.apple.com/kb/TS4272) with more information about how to securely remove any remaining records.
Apple also fixed another FileVault issue where, due to a bug in the kernel’s handling of the sleep image (used for hibernation), some unencrypted data remained on the disk even when FileVault was enabled. This issue is addressed through improved handling of the sleep image. This issue does not affect systems prior to OS X Lion.
The update also upgrades (and/or fixes) different components of OS X including curl, HFS, ImageIO (where viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution), libpng, libarchive, libsecurity, libxml (multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution), PHP, QuickTime, Ruby and Samba.
PHP for OS X Lion v10.7 to v10.7.3 and OS X Lion Server v10.7 to v10.7.3 has been updated to version 5.3.10 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Samba has also been updated to remove the nine-year-old vulnerability which allowed an unauthenticated remote attacker to cause a denial of service or execute arbitrary code with system privileges.