Jaakko Pero

**Name of the Vulnerable Software and Affected Versions** Mac OS X versions prior to 10.9 **Description** The issue is related to the random-number generator in the kernel, which provides lengthy exclusive access for processing large requests. This allows local users to cause a denial of service, resulting in a temporary generator outage, by using an application that requires many random numbers. **Recommendations** For Mac OS X versions prior to 10.9, update to version 10.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X version 10.7.3 **Description** The issue concerns the Login Window in Apple Mac OS X. When Legacy File Vault or networked home directories are enabled, it does not properly restrict what is written to the system log for network logins. This allows local users to obtain sensitive information by reading the log. **Recommendations** For Apple Mac OS X version 10.7.3, consider disabling Legacy File Vault or networked home directories as a temporary workaround to minimize the risk of exploitation. Restrict access to the system log to prevent local users from obtaining sensitive information.