On Wednesday, Apple issued the latest update to their Lion operating system, with the roll-out of OS X 10.7.4. The update brought with it a fix to Apple’s recently discovered FileVault bug, in addition to introducing some improvements, reports PCMag. The bug, which was discovered earlier this month, pertained to Apple's legacy encryption software, FileVault. The flaw arose out of a debugging option left turned on by accident and led to the previous version (10.7.3) to store encrypted passwords in plain text in a log file. What this did was that it allowed anyone with some tech skills and admin access to a person's computer, to open the file containing the personal data and access the encrypted data. Reportedly, the bug only affected those running v10.7.3 and using legacy FileVault (from v.10.6).
A report by ZDNet, reveals this report stated that the FileVault bug was first pointed out in February by a user in Apple’s support forums. This happened close on the heels of the release of v.10.7.3 of the OS. The user, however, wasn't responded to. It adds, “Then last Friday, a security researcher emailed Cryptome readers, thoroughly describing the issue, which immediately led to a media maelstrom. Following its usual stance of not disclosing, discussing, or confirming security issues until patches are available, Apple did not respond publicly.“
This latest update, comes with a host of improvements that includes updating Safari browser to version 5.1.6. It also comes with a new feature, which automatically disables an outdated Flash plug-in in one's browser, and then directs users to Adobe, prompting them to download a safer version.
Publish date: May 11, 2012 5:10 pm| Modified date: December 18, 2013 10:15 pm