In addition to firmware updates for MacBook systems and updates for iPhoto, Aperture, iOS, and Mountain Lion, Apple has issued security updates for both OS X Snow Leopard and Lion.
The updates should be available via Software Update for systems running their respective operating systems, but they can also be downloaded from the Apple Support downloads pages for the respective updates:
OS X Lion Update 10.7.5 Server Combo (1.99GB)
OS X Lion Update 10.7.5 Server (1.22GB)
OS X Lion Update 10.7.5 Client Combo (1.91GB)
OS X Lion Update 10.7.5 Client (1.14GB)
Security Update 2012-004 Snow Leopard Server (276.45MB)
Security Update 2012-004 Snow Leopard (2.36MB)
The security issues addressed by these updates include problems with Web sharing and DNS management services that could result in a denial-of-service attack on the system, and revocation of a compromised root certificate from TrustWave that could allow an attacker to intercept personal information.
In addition, updates to the systems' directory services, core image-handling libraries, kernel, and log-in window services fix bugs where attackers could similarly get passwords and other personal information, or where the user might inadvertently execute an unwanted program.
In most of the cases, these vulnerabilities are potential issues that are not being exploited, but now that they are published, it is best to keep your system updated to ensure they are closed.
In addition to these security fixes that are shared in both the Snow Leopard and Lion updates, the OS X 10.7.5 update for Lion addresses a few usability issues. It does the following:
- Resolves an issue where icons in Launchpad may get rearranged after a restart
- Improves Wi-Fi reliability for iMac (Late 2009 and newer)
- Resolves an issue using Spotlight to search an SMB server
- Improves compatibility connecting to Active Directory servers
The Server variant of OS X 10.7.5 fixes some significant and commonly used services by:
- Maintaining Spotlight index when changing share point settings
- Creating and connecting to Open Directory master
- Improving reliability of password authentication
- Using Software Update Server to automatically download and enable software updates
- Reliably booting NetRestore images created with System Image Utility
- Using Profile Manager to set the Mobility sync frequency settings for mobile accounts
- Improving reliability when changing an Xsan metadata controller into a client