Shoppers should note that the Pro Display XDR does not come with a stand. It is available for $4,699.00, down from $4,999.00 with the standard glass option, and this is another rock bottom price. Second, both Amazon and B&H Photo are offering $300 off the 2019 32-inch Pro Display XDR. Deals on the new Mac Studio have been rare since its launch in early 2022, and this is one of the first notable cuts on any configuration this year. Starting with Mac Studio, B&H Photo has the custom configuration M1 Max Mac Studio (32GB RAM, 512GB SSD, 32-core GPU) for $1,999.00 USD, down from $2,199.00. When you click on a link and make a purchase, we may receive a small payment that helps us keep the site running. Note: MacRumors is an affiliate partner with some of these vendors. Available from Amazon and B&H Photo, these deals offer all-time low prices on the devices. On Macs and iDevices the risk is generally lower than on computers offering online services that are available to, and proddable by, millions of external users.Today, we’re tracking a deal on Apple’s Mac Studio desktop computer, as well as a new price cut on the 32-inch Pro Display XDR. On your Mac: Apple menu > About this Mac > Software Update…Īs for the infamous Log4Shell hole: yes, this bug can in thoery affect Macs, because the flaw exists in a Java programming library, and Java is a cross-platform environment that runs equally well on Windows, Linux, macOS, xBSD and many other operating systems.On your iPhone or iPad: Settings > General > Software Update.Could let other users read or modify content that should be off-limits. Could let an otherwise innocent app escape from its security controls. Could spill secrets such as encryption keys, or leak memory addresses that help to bypass address space layout randomisation (ASLR). Could reveal network traffic to people who shouldn’t be able to see it. Could lead to Apple’s rudimentary built-in anti-virus allowing malware to sidestep its checks. Could lead to you being tracked when you thought you couldn’t be. Could lead to a complete jailbreak of device security. The security fixes in this round of updates close off holes that include: The patches include many that don’t immediately sound as serious as Log4Shell (because they aren’t actively and aggressively being abused already), but that could in theory have been even worse (because they involve more serious side-effects, such as potential full kernel compromise). The bad news, perhaps, is that there are plenty of other vulnerabilities that were patched by Apple. The good news, if you want to think of it that way, is that it isn’t: we didn’t see mention of the text CVE-2021-44228, Log4Shell or Log4j anywhere in any of the abovementioned bulletins. (Apple, as you know, has an official policy of saying as little as possible about updates and update cycles, so we shall have to wait and see.)Īs you can imagine, given the timing of this update, our first thought was to jump straight to the bulletins above and search for CVE-2021-44228, better known as Log4Shell, to see if the cybersecurity crisis currently circulating the globe was behind these patches. In the past, we’ve noticed an apparent correlation between delayed updates for individual platforms and delayed listings on HT201222, but we have no idea whether that is coincidence rather that true correlation, or a desire on Apple’s part to hold off updating the central listing until all the new versions can be displayed in one go. …but we did notice that Apple’s main security noticeboard page, HT201222, still doesn’t mention the updates listed above. Observant readers will notice that the URLs in the list above form an unbroken numeric sequence except for a gap at HT212977, so whether that’s a space left open for a delayed update for iOS 14 or not we can’t tell you… The updated versions you’re looking for are:Īs for iOS 14 and iOS 12, which are the official previous and pre-previous iPhone operating systems (in the same way that Big Sur and Catalina are the previous incarnations of macOS), there’s no sign of any updates for them. …but it’s also time to check your Apple devices, because Apple just pushed out a slew of its they-arrive-when-they’re-ready-and-don’t-expect-any-warning security patches. Not only is it Patch Tuesday (keep your eye on our sister site for the latest on that score later in the day)… Amongst all the brouhaha about Log4Shell, it’s easy to forget all the other updates that surround us.
0 kommentar(er)
