Security Update 2014-002 1.0 For Os X Released For Mac
This update can be downloaded and installed using, or from the. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available.
To learn more about Apple Product Security, see the website. For information about the Apple Product Security PGP Key, see '.' Where possible, are used to reference the vulnerabilities for further information. To learn about other Security Updates, see '. .
CFNetwork HTTPProtocol Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, and OS X Mavericks 10.9.2 Impact: An attacker in a privileged network position can obtain web site credentials Description: Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. This issue was addressed by ignoring incomplete HTTP header lines. CVE-ID CVE-2014-1296: Antoine Delignat-Lavaud of Prosecco at Inria Paris . CoreServicesUIAgent Available for: OS X Mavericks 10.9.2 Impact: Visiting a maliciously crafted website or URL may result in an unexpected application termination or arbitrary code execution Description: A format string issue existed in the handling of URLs. This issue was addressed through additional validation of URLs. This issue does not affect systems prior to OS X Mavericks. CVE-ID CVE-2014-1315: Lukasz Pilorz of runic.pl, Erik Kooistra .
Security Update 2014-002 1.0 For Os X Released For Mac Download
FontParser Available for: OS X Mountain Lion v10.8.5 Impact: Opening a maliciously crafted PDF file may result in an unexpected application termination or arbitrary code execution Description: A buffer underflow existed in the handling of fonts in PDF files. This issue was addressed through additional bounds checking. This issue does not affect OS X Mavericks systems. CVE-ID CVE-2013-5170: Will Dormann of CERT/CC .
Heimdal Kerberos Available for: OS X Mavericks 10.9.2 Impact: A remote attacker may be able to cause a denial of service Description: A reachable abort existed in the handling of ASN.1 data. This issue was addressed through additional validation of ASN.1 data. CVE-ID CVE-2014-1316: Joonas Kuorilehto of Codenomicon . ImageIO Available for: OS X Mavericks 10.9.2 Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved bounds checking. This issue does not affect systems prior to OS X Mavericks. CVE-ID CVE-2014-1319: Cristian Draghici of Modulo Consulting, Karl Smith of NCC Group .
Intel Graphics Driver Available for: OS X Mountain Lion v10.8.5 and OS X Mavericks 10.9.2 Impact: A malicious application can take control of the system Description: A validation issue existed in the handling of a pointer from userspace. This issue was addressed through additional validation of pointers. CVE-ID CVE-2014-1318: Ian Beer of Google Project Zero working with HP's Zero Day Initiative . IOKit Kernel Available for: OS X Mavericks 10.9.2 Impact: A local user can read kernel pointers, which can be used to bypass kernel address space layout randomization Description: A set of kernel pointers stored in an IOKit object could be retrieved from userland. This issue was addressed through removing the pointers from the object. CVE-ID CVE-2014-1320: Ian Beer of Google Project Zero working with HP's Zero Day Initiative .
Kernel Available for: OS X Mavericks 10.9.2 Impact: A local user can read a kernel pointer, which can be used to bypass kernel address space layout randomization Description: A kernel pointer stored in a XNU object could be retrieved from userland. This issue was addressed through removing the pointer from the object. CVE-ID CVE-2014-1322: Ian Beer of Google Project Zero . Power Management Available for: OS X Mavericks 10.9.2 Impact: The screen might not lock Description: If a key was pressed or the trackpad touched just after the lid was closed, the system might have tried to wake up while going to sleep, which would have caused the screen to be unlocked. This issue was addressed by ignoring keypresses while going to sleep. Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability.
Risks are inherent in the use of the Internet. For additional information. Other company and product names may be trademarks of their respective owners.
. OS X Mavericks (version 10.9) is the tenth of, 's and for computers. OS X Mavericks was announced on June 10, 2013, at, and was released on October 22, 2013 worldwide.
The update emphasized battery life, improvements, other improvements for, and continued integration, as well as bringing more of Apple's apps to OS X. Mavericks, which was named after the in, was the first in the series of OS X releases named for places in Apple's home state; earlier releases used the names of. OS X Mavericks was the first OS X major release to be a free upgrade since. Contents.
History Apple announced OS X Mavericks on June 10, 2013, during the company's (WWDC) keynote (which also introduced, a revised, the sixth-generation, the fifth-generation, and a redesigned ). During a keynote on October 22, 2013, Apple announced that the official release of 10.9 on the Mac App Store would be available immediately, and that unlike previous versions of OS X, 10.9 would be available at no charge to all users running or later. On October 22, 2013, Apple offered free upgrades for life on its operating system and business software.
System requirements OS X Mavericks can run on any Mac that can run; as with Mountain Lion, 2 GB of RAM, 8 GB of available storage, and OS X 10.6.8 (Snow Leopard) or later are required. Mavericks and later versions are all available for free. The full list of compatible models:. (Mid-2007 or later). (13-inch Aluminum, Late 2008), (13-inch Polycarbonate, Early 2009 or later). (13-inch, Mid-2009 or later), (15-inch or 17-inch, Mid/Late 2007 or later). (Late 2008 or later).
(Early 2009 or later). (Early 2008 or later). (Early 2009) System features The menu bar and the are available on each display. Additionally, AirPlay compatible displays such as the can be used as an external display.
Has been updated to organize and switch between Desktop workspaces independently between multiple displays. OS X Mavericks introduced App Nap, which sleeps apps that are not currently visible. Any app running on Mavericks can be eligible for this feature by default. Compressed Memory is a system which automatically from inactive apps when approaching maximum capacity. Is a feature that enhances energy efficiency by reducing usage by up to 72 percent.
This allows MacBooks to run for longer periods of time and desktop Macs to run cooler. Apple now supports Core Profile and 1.2. Version 2 (SMB2) is now the default protocol for sharing files instead of. This is to increase performance and cross-platform compatibility. Some, such as the leather texture in Calendar, the legal pad theme of Notes, and the book-like appearance of Contacts, have been removed from the. Stores a user's usernames, passwords and Wi-Fi passwords to allow the user to fill this information into forms when needed.
The system has native sharing integration. IPoTB (Internet Protocol over Thunderbolt Bridge) networking is supported in Mavericks. This feature allows the user to quickly transfer a large amount of data between two Macs. Allows the user to reply to notifications instantly, allows websites to send notifications, and, when the user wakes up a Mac that was in a sleep state, displays a summary of missed notifications before the machine is unlocked. Some system alerts, such as low battery, removal of drives without ejecting, and a failed backup have been moved to. The 'traffic light' close, minimize, and maximize buttons have appeared somewhat brighter.
App features gets enhancements such as, fullscreen support, and document. Pinch-to-zoom and swipe-to-navigate-history gestures have been removed, although both are supported anywhere else. The new application allows the user to read books purchased through the iBooks Store. The app also allows the user to purchase new content from the iBooks Store, and a night mode to make it easier to read in dark environments. The new application allows the user the same functionality as in Maps.
The app has enhancements such as being able to add events, and an estimate for the travel time of an event The browser has a significantly enhanced JavaScript performance which Apple claims is faster than. A Top Sites view allows the user to quickly access the most viewed sites by default.
However, the user can pin or remove websites from the view. The sidebar now allows the user to view their bookmarks, reading list and shared links. Safari can also auto-generate random passwords and remember them through iCloud Keychain. Removed functionality The API has been removed.
USB syncing of calendar, contacts and other information to iOS devices has been removed, instead requiring the use of iCloud. 10 no longer supports many older video codecs and converts them to the ProRes format when opened. Older video codecs cannot be viewed in Quick Look. Apple also removed the ability to sync mobile iCloud Notes if users upgraded their phone OS from iOS 9 to iOS 10, effectively forcing all Mavericks users to update or upgrade their computers. Reception. This section needs expansion.
You can help. (April 2017) OS X Mavericks has received mixed reviews. One complaint is that Apple removed the local sync services, which forces users to get iCloud to sync iOS devices with the desktop OS. However, this feature has since returned in the 10.9.3 and iTunes 11.2 updates. The Open Group.
Retrieved December 4, 2014. (Press release). October 22, 2013. Apple Support. March 25, 2016. Retrieved March 25, 2016.
September 20, 2016. Archived from on 2014-02-18. Ha, Anthony (June 10, 2013).
Retrieved July 31, 2013. (Press release). June 10, 2013. Retrieved June 10, 2013. Retrieved 22 October 2013. October 22, 2013. Retrieved October 25, 2013.
Retrieved 2017-01-28. Retrieved 2017-01-28. Apple Support.
Retrieved 2017-01-05. Archived from on July 16, 2013.
John Siracusa (October 22, 2013). June 10, 2013. Archived from the original on June 13, 2013. Retrieved June 13, 2013. CS1 maint: Unfit url.
^. June 10, 2013. Retrieved June 10, 2013. ^ John Siracusa (October 22, 2013). John Siracusa (October 22, 2013). John Siracusa (October 22, 2013).
Dilger, Daniel Eran (June 12, 2013). Retrieved June 12, 2013. John Siracusa (October 22, 2013). John Siracusa (October 22, 2013). Retrieved 2017-01-05.
Retrieved 2017-01-06. Mac Daily News. September 10, 2013. Retrieved September 29, 2013.
Retrieved 2017-01-08. Retrieved 2017-01-08. Best book catalog software. Pierce, David (June 25, 2013). Retrieved July 31, 2013. Brownlee, John (June 11, 2013).
Retrieved July 31, 2013. Guarino, Sarah (2013-10-26). Retrieved 2017-01-06. John Siracusa (October 22, 2013). Zibreg, Christian (June 10, 2013). IDownload blog.
Retrieved June 11, 2013. Retrieved 2017-01-06. van Beijnum, Iljitsch. Ars technica. Retrieved 27 April 2016.
Retrieved 2017-01-06. John Siracusa (October 22, 2013).
Retrieved 2017-01-06. Retrieved 2017-01-07. Retrieved 2017-01-07.
John Siracusa (October 22, 2013). John Siracusa (October 22, 2013). John Siracusa (October 22, 2013). ^ John Siracusa (October 22, 2013).
June 10, 2013. Retrieved June 10, 2013. Retrieved 2017-01-06.
Retrieved 2017-01-06. Retrieved 2017-01-06.
Lardinois, Frederic. Retrieved 2017-01-05. Retrieved 2017-01-05. Ars Technica. Retrieved 2017-01-05.
Ars Technica. Retrieved 2017-01-06. Retrieved 2017-01-06. November 13, 2013. Retrieved January 2, 2014. September 23, 2013.
Retrieved October 23, 2013. January 1, 2014. Retrieved January 1, 2014. October 28, 2013. Retrieved January 2, 2014. Preceded by OS X 10.9 2013 Succeeded.