Updates for iTunes, Server and Safari

21. May 2014 Security 0

Last week Apple released updates for OS X Mavericks and iTunes. The Mavericks update, 10.9.3, has finally given us back the ability to sync contacts and calendars over USB and as far as I can tell it works without issues. The update can be installed through Software Update in the App Store or you can download the update from Apple’s website directly using the following links:
OS X Mavericks 10.9.3 Update (461.7 MB)
OS X Mavericks 10.9.3 Combo Update (947.2 MB)

The iTunes update did not come without issues though. It messed up permissions of users home folders if certain conditions were met that allowed unauthorized users access. Home folders would also go invisible after a reboot. Apple quickly released a 11.2.1 update and kept the details of this massive screw-up tucked away in the fine print. If you had updated iTunes already, make sure to check for updates again. Seeing another iTunes update is not a glitch, it’s a fix you need.
You can also download the update here directly from the Apple website (235.1 MB).

An update to OS X Server, 3.1.2, was also released and has the following fixes and improvements:

  • Fixes for Profile Manager deploying profiles containing variables when code signing is enabled
  • Improved Profile Manager reliability for sending Volume Purchase Program invitations
  • Fixes to enable Profile Manager to manage Device Enrollment Program systems with long descriptive names
  • Improvements to Messages Server stability when using Chat Rooms
  • Improved delivery of messages to Mail groups. Note: the Mail service cannot deliver messages that contain unencoded 8-bit data to a group.

The update requires the above mentioned 10.9.3 update to be installed first. Security wise not much was done in this update.

Finally, today Apple released updates for Safari. The update is available for OS X versions Lion, Mountain Lion and Mavericks and fixes 22 WebKit security issues. The full list can be found here.

In unrelated news, eBay was hacked a few months ago and just found out recently. They finally released a statement today urging users to change their passwords. I recommend doing this sooner rather than later as it appears passwords were not stored properly. They were encrypted but not hashed so the hackers that obtained them most likely have most of the passwords decrypted by now. Look out for phishing emails and treat every email from eBay that asks for account details with suspicion.


Leave a Reply

Your email address will not be published. Required fields are marked *

*