Apple has released a set of updates for its products.

Yesterday, the company released updates for its Apple TV products, iOS and OS X Mavericks operating systems, as well as for the Safari web browser. Updates fix a wide range of vulnerabilities that attackers can take advantage of. Most of the fixes have undergone the WebKit engine. With the use of vulnerabilities in WebKit attackers can remotely execute arbitrary code in the browser. Modifications of WebKit, which are used in iOS and Apple TV, fixed 28 such Remote Code Execution vulnerabilities.



We have written in detail about patched vulnerabilities for iOS 7 in a previous post. Updates for Apple TV fix the same vulnerabilities that were found in iOS 7 components, with the exception of CVE-2014-1383. This vulnerability can be used by attackers to conduct a transaction in the iTunes Store without confirming authorization. The attacker should already have access to the unlocked device and can bypass the password re-request request in the iTunes Store.
')
Safari fixed vulnerabilities (WebKit component) are relevant for versions 6.1.5 and 7.0.5 on OS X Lion 10.7.5, OS X Lion Server 10.7.5, OS X Mountain Lion 10.8.5 and OS X Mavericks 10.9.3.



Below are the fixes for OS X Mavericks vulnerabilities.



(continued)




be secure.