Apple releases OS X 10.7.4 with fix for FileVault security bug
Apple has just released OS X Lion 10.7.4 via Software Update. The update, which is recommended for all users, fixes a bug in OS X 10.7.3 that caused login passwords to be stored in plain text log files, that could be accessed by other system users.
The 10.7.4 update is recommended for all OS X Lion users and includes general operating system fixes that improve the stability, compatibility, and security of your Mac including fixes that:
- Resolve an issue where the “Reopen windows when logging back in” setting is always enabled
- Improve compatibility with certain British third-party USB keyboards
- Address an issue that may prevent files from being saved to a server
- Improve the reliability of copying files to an SMB server
An accompanying support document includes information about about the FileVault security bug, and a link to steps on removing any log files containing passwords:
“An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. The sensitive information may persist in saved logs after installation of this update. See http://support.apple.com/kb/TS4272 for more information about how to securely remove any remaining records.”
Apple has also pushed out updates for OS X Snow Leopard users, and an update to Safari which takes it to version 5.1.7.
Remember to backup your system before running any of these updates.