Apple has released a security update for OS X Snow Leopard, Lion and Mountain Lion, Security Update 2013-003 for Snow Leopard, Lion and Mountain Lion. Apple's security update Knowledge Base article has not been updated with details about the release, but changes should appear soon.

Updates

About Security Update 2013-003 (Lion)

Security Update 2013-003 is recommended for all users and improves the security of OS X.

For information on the security content of this update, please visit this website: http://support.apple.com/kb/HT1222

The update is available through the Mac App Store and Apple's software download website for Snow Leopard, Lion and Mountain Lion.

Top Rated Comments

lars666 Avatar
105 months ago
PRISM fix - nice! Waiting for Snowden Lion now.
Score: 14 Votes (Like | Disagree)
dempson Avatar
105 months ago
QuickTime fixes

The details have arrived via Apple's security-announce mailing list.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-07-02-1 Security Update 2013-003

Security Update 2013-003 is now available and addresses the
following:

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.4
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of Sorenson
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1019 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft)
working with HP's Zero Day Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.4
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in the handling of H.264
encoded movie files. This issue was addressed through improved bounds
checking.
CVE-ID
CVE-2013-1018 : G. Geshev working with HP's Zero Day Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.4
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer underflow existed in the handling of 'mvhd'
atoms. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2013-1022 : Andrea Micalizzi aka rgod working with HP's Zero Day
Initiative

Security Update 2013-003 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies
to your system configuration.

For OS X Mountain Lion v10.8.4
The download file is named: SecUpd2013-003.dmg
Its SHA-1 digest is: 5452c463819106ec30e9f365031f65f1b6c538c0

For OS X Lion v10.7.5
The download file is named: SecUpd2013-003.dmg
Its SHA-1 digest is: c94eeaee2e329f75830140598c8973b6a8e1b22d

For OS X Lion Server v10.7.5
The download file is named: SecUpdSrvr2013-003.dmg
Its SHA-1 digest is: 849d5d4fd5c5a46f84d3607a84b6957fe4f10a00

For Mac OS X v10.6.8
The download file is named: SecUpd2013-003.dmg
Its SHA-1 digest is: 59f7be08ba2f3e343539c011793f7e31773f9caa

For Mac OS X Server v10.6.8
The download file is named: SecUpdSrvr2013-003.dmg
Its SHA-1 digest is: 7586022106c870e46139016ddc5e667def454430

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJR0zpyAAoJEPefwLHPlZEwdZ8QAJvykdoFKGOHgn9HzpFJ+tbm
0uXPFrExBTcgpypxiZngJJ7Py46FyFvHR9EkfppJDBVEURDpu3/AJRBCi5GnvpoV
7yGPiy5vnHJzUn+wvKUloKIKQQoEbOqmh4f0lfgMsD5CQyZP4f2uulW3fSXrJNT2
bVUc8VrVuw3QSvjeIsl7ZneLHvCv/yZ8wepWS3bR8vPnyv7jLHtNbryKGL8Qhiwx
MZEMaV1xQzKn82+0J4C5+TXsoqxLGKZMmlHjY3XbueQaV4NyU6hHnWdhjKjQ7aI1
frPRoE5tPuv+uMI51bxHNXT7vTYKVaBO+d2RVLclGRXvWm0l0q8N+liNEGrnYNY/
nD3A6KriFyONILSMOeHQUCh5CHDmuNhArtOMRICcQqBUfbVQ4XbDyKi7+4vv1Eug
r4p8ViN5uM2SvbIfsmZR7VsydvxJZV9uiQmcVQRqu4Yu80jKqyBV0qHZtTnnC0td
gL0vqYY7JuSRB3QDOzWPvRk+x4KdCHNQitdqj+fSq0iqFKb3ovvOn7Ug+UEpq60P
EIiRORMtj/Gh/LmlVJg62Mtoq+dY/g5z1RBPBVfEINbMyTMFStqRtVcWFo2Augo/
ucFFQ671Xn8PoMJ/5PhGNjDCDSBzCyyAY8WGnMWS4uiIXt+rsrtBavc1L7j3LuYD
R0og2PzHJPrZVEzhSZBn
=0jKe
-----END PGP SIGNATURE-----

----------

Hmm, 20mb for 10.8, and a hefty 347mb for 10.6

That's the normal pattern. When Apple releases a security update it usually incorporates earlier security updates going back to the last minor system version number update (which incorporated all security updates prior to that point), so that people installing the system from scratch only need to apply a single system version update followed by a single security update, instead of multiple security updates.

This means that security updates are generally larger for older major system versions, because they have had a longer time since the last minor version number update, and more security updates have accumulated.

Snow Leopard has been accumulating security updates since 10.6.8 was released in June 2011.

Lion has been accumulating security updates since 10.7.5 was released in September 2012.

Mountain Lion's security update only needs to include this batch of fixes, since all earlier ones are included in 10.8.4, which was released in June 2013.
Score: 7 Votes (Like | Disagree)
macnisse Avatar
105 months ago
Thanks apple for keeping SL on track! :-)
Score: 6 Votes (Like | Disagree)
Cubert Avatar
105 months ago
I wonder how much longer Snow Leopard support will continue after Mavericks is released?
Score: 5 Votes (Like | Disagree)
joelvega125 Avatar
105 months ago
Nothing for Snow Leopard? What does it fix exactly?

Did you actually read anything or did you jump straight to comment? Jack wagon...
Score: 5 Votes (Like | Disagree)
macs4nw Avatar
105 months ago
So glad for this. I won't abandon SL for the desktop, as long as APPLE keeps those security updates cummin'.....:)
Score: 4 Votes (Like | Disagree)

Top Stories

General Apps Messages

All Three Major U.S. Carriers and Google Adopt Rich Communication Services, But No Sign of Apple Interest

Tuesday July 20, 2021 1:15 pm PDT by
For the last several years, Google has been pushing a new communications protocol called Rich Communication Services, or RCS. RCS is designed to replace SMS, the current text message standard, and it offers support for higher resolution photos and videos, audio messages, bigger file sizes, better encryption, improved group chat, and more. Verizon today announced that it is planning to adopt...
AirPods Pro Beta Firmware

AirPods Pro Beta Firmware Now Available

Wednesday July 21, 2021 6:50 am PDT by
Upcoming AirPods Pro firmware updates are now available to Apple Developer Program members as beta versions. AirPods Pro firmware beta one features FaceTime Spatial Audio and Ambient Noise Reduction. Custom Transparency mode, including Conversation Boost, was initially expected to be included in the beta but appears to have been delayed for a later version. Apple made the announcement...
maxresdefault

Apple Music to Livestream Premiere of Kanye West's New Album 'Donda' on Thursday

Wednesday July 21, 2021 1:49 am PDT by
Apple Music on Thursday will host a global livestream for the premiere of Kanye West's tenth studio album, titled "Donda." The sold-out event will take place at the Mercedes-Benz Stadium in Atlanta, Georgia, and Apple Music's livestream will start at 8:00 p.m. Eastern Time. The livestream was revealed in a Beats Studio Buds ad that aired during the NBA Finals. The ad features U.S. track...
ios wifi settings

Apple Confirms iOS 14.7 Fixes WiFi Bug and Many Other Vulnerabilities

Wednesday July 21, 2021 11:38 am PDT by
Following the release of iPadOS 14.7 this morning, Apple has shared details on the security updates that are included in iOS 14.7, iPadOS 14.7, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7, all of which came out this week. Notably, Apple's documentation confirms that the iOS 14.7 and iPadOS 14.7 updates address a WiFi-related vulnerability that could impact iOS devices when joining a...
16 inch macbook pro m2 render

Gurman: Redesigned MacBook Pros to Launch Between September and November

Sunday July 18, 2021 7:39 am PDT by
Apple can be expected to release its redesigned 14-inch and 16-inch MacBook Pros sometime between September and November, as part of another packed fall season for new product launches, according to Bloomberg journalist Mark Gurman. In the latest edition of his Power On newsletter, Gurman says that the new MacBook Pros will go into production in the third quarter and can be expected to be...
macOS Malware Feature

Common Windows Malware Can Now Infect Macs

Wednesday July 21, 2021 8:13 am PDT by
A common form of malware on Windows systems has been modified into a new strain called "XLoader" that can also target macOS (via Bleeping Computer). Derived from the Formbook info-stealer for Windows, XLoader is a form of cross-platform malware advertised as a botnet with no dependencies. It is used to steal login credentials, capture screenshots, log keystrokes, and execute malicious files. ...
magsafe battery pack solo

Hands-On With Apple's MagSafe Battery Pack

Tuesday July 20, 2021 11:14 am PDT by
The new MagSafe Battery Pack that Apple debuted this week is arriving to customers starting today and it's also now available for in-store pickup in many Apple retail locations around the world. We snagged one this morning and thought we'd take a look at it to let MacRumors readers know if it's worth the $99 asking price. Subscribe to the MacRumors YouTube channel for more videos. As the name ...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.5 With Podcast App Updates and Bug Fixes

Wednesday July 21, 2021 10:15 am PDT by
Apple today released macOS Big Sur 11.5, the fifth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur 11.5 comes two months after the release of macOS Big Sur 11.4. The new ‌‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. macOS Big Sur...
apple tv 4k design green

Apple Releases tvOS 14.7 for Apple TV HD and Apple TV 4K

Monday July 19, 2021 10:04 am PDT by
Apple today released tvOS 14.7, the seventh update to the tvOS 14 operating system that initially debuted in September 2020. tvOS 14.7 comes two months after the launch of the tvOS 14.6 update. tvOS 14.7, which is a free update, can be downloaded over the air through the Settings app on the Apple TV by going to System > Software Update. ‌‌Apple TV‌‌ owners who have automatic software ...
ipad pro m1 feature

Apple Releases iPadOS 14.7 With Apple Card Merging Option, Fix for 3.5mm Headphone Jack to USB-C Adapter Bug

Wednesday July 21, 2021 10:18 am PDT by
Apple today released iPadOS 14.7, marking the seventh major update to the iPadOS operating system that came out in September 2020. Apple already released iOS 14.7 on July 19, but for some reason, delayed the iPadOS 14.7 debut until today. The iPadOS 14.7 update can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new ...