Apple fixes FileVault bug in latest Lion OS update

On Wednesday, Apple issued the latest update to their Lion operating system, with the roll-out of  OS X 10.7.4. The update brought with it a fix to Apple’s recently discovered FileVault bug, in addition to introducing some improvements, reports PCMag . The bug, which was discovered earlier this month, pertained to Apple’s legacy encryption software, FileVault. The flaw arose out of a debugging option left turned on by accident and led to the previous version (10.7.3) to store encrypted passwords in plain text in a log file. What this did was that it allowed anyone with some tech skills and admin access to a person’s computer, to open the file containing the personal data and access the encrypted data. Reportedly, the bug only affected those running v10.7.3 and using legacy FileVault (from v.10.6).  

Updated..

A report by ZDNet, reveals this report stated that the FileVault bug was first pointed out in February by a user in Apple’s support forums. This happened close on the heels of the release of v.10.7.3 of the OS. The user, however, wasn’t responded to. It adds, “Then last Friday, a security researcher emailed Cryptome readers, thoroughly describing the issue, which immediately led to a media maelstrom. Following its usual stance of not disclosing, discussing, or confirming security issues until patches are available, Apple did not respond publicly.”

This latest update, comes with a host of improvements that includes updating Safari browser to version 5.1.6. It also comes with a new feature, which automatically disables an outdated Flash plug-in in one’s browser, and then directs users to Adobe, prompting them to download a safer version.