So, apparently, that OS X password-revealing bug we wrote about on Tuesday has been squashed. Apple released a new update to OS X Lion today, bringing it up to version 10.7.4, and AppleInsider says user passwords are now safe. (Several other sites, too, report that the bug is gone.)
As we noted earlier this week, the bug spits out log files containing user passwords in plain-text format on some configurations. Word is that only folks who'd used FileVault before upgrading to OS X Lion, and then upgraded and continued to use the old version of FileVault, are affected. The issue cropped up when OS X 10.7.3 came out in early February, and someone complained on Apple's support forums less than a week later.
Interestingly, the 10.7.4 release notes make no mention of the FileVault fix. Apple lists a handful of other resolved problems and additions—among other things, the "Reopen windows when logging back in" won't stick anymore, it says, and a more stable version of Safari (v5.1.6) in included. Apple points users to this page for an overview of the OS X update's "security content," but there's nothing there about 10.7.4, FileVault, or passwords. It doesn't look like the page has been updated since iOS 5.1.1 came out a couple of days ago.
|1. Ryszard - $603||2. Hdfisise - $600||3. Andrew Lauritzen - $502|
|4. Redocbew - $350||5. the - $306||6. SomeOtherGeek - $300|
|7. chasp_0 - $251||8. Ryu Connor - $250||9. mbutrovich - $250|
|10. YetAnotherGeek2 - $200|
|AMD's Radeon Software Crimson Edition: an overview||50|
|Asus updates Zenbook UX305 with a Skylake Core M CPU||2|
|Shuttle XPC Nano's svelte body is clad in black and gold||1|
|AMD ends driver support for non-GCN Radeon cards||45|
|Dell owns up to eDellRoot hole and provides removal instructions||13|
|MIT researchers say many popular Android apps call out covertly||8|
|Dell gets Superfishy by shipping PCs with self-signed root certificates||46|
|It's an early Black Friday deals extravaganza||31|
|Mozilla axes heavyweight Firefox themes and tab groups||59|