OS X firmware flaw fixed

By

Apple this week issued its third security update of the year, this one correcting a flaw in firmware that could allow some Mac OS X user passwords to be bypassed.

Intel-based Macs support the password feature in firmware, which is software contained in read-only memory that controls system hardware.


"Prior to this update, a person with physical access could bypass the firmware password and access single-user mode," said Apple's advisory. "This update addresses the issue by enhancing the security provided by the firmware password."

The update also addresses about 35 other system and application faults.

Among the other flaws are the operating system's failure to respond when a user tries to log in as a FireVault-protected user if the protected home image file has been damaged or moved. Mail also unexpectedly quits when a user lowers the quote level within a reply message and iChat stops video display until the computer is restarted.

A user can install the new content via the "Software Update" preference or from Apple Downloads on the company website.

The security announcement came just days after the Cupertino, Calif., computing giant celebrated its 30th anniversary on April 1.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
firmwarefixedflawossecurityx

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?