According to this support document (you need to be logged in to view it) Apple says that 10.7.2 and Security Update 2011-006 did the following:

>Impact: A person with physical access may be able to access the user’s password

>Description: A logic error in the kernel’s DMA protection permitted firewire DMA at loginwindow, boot, and shutdown, although not at screen lock. This update addresses the issue by preventing firewire DMA at all states where the user is not logged in.


>CVE-2011-3215 : Passware, Inc.

That sounds an awful lot like it patched the [previously report security vulnerability of FileVault 2](

[via reader Matt S]

Posted by Ben Brooks