Patch/Configuration Management, Vulnerability Management

Apple fixes iBook iAuthor flaw

April 4, 2016

Apple released an update for OS X Yosemite v10.10 or later to patch a vulnerability (CVE-2016-1789) that could lead to disclosure of user information.

The fix, posted by Apple on March 1, said an XML external entity reference issue existed with iBook iAuthor parsing and it was fixed by improving the software's parsing ability.

Apple credited Behrouz Sadeghipour and Patrik Fehrenbach for finding the flaw.

This patch comes shortly after the company issued a lengthy update for several of its operating systems on March 22 and on March 29 Apple had to re-release its latest mobile offering, iOS 9.3 to fix an issue that caused the device to lock up on some older devices.

Doug Olenick

Patch/Configuration Management

Hotfixes for Sophos firewall vulnerabilities released

SC StaffDecember 23, 2024

Hotfixes have been revealed for three vulnerabilities affecting Sophos Firewall versions 21.0 GA and older, two of which were of critical severity, reports The Hacker News.

Vulnerability Management

Apple patches TCC bypass vulnerability

SC StaffDecember 19, 2024

The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfiguration exposes Virtavo security cam user data

SC StaffDecember 18, 2024

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Related Terms

Bug Buffer Overflow Disassembly