Apple Computer released an update last week for Mac OS X to fix several vulnerabilities that could allow attackers to execute code on unpatched systems.
A total of 15 security vulnerabilities are fixed in the update, which is available on Apple's Downloads page or through its Software Update service. The update fixes flaws in certain features of Mac OS X and Safari, but also Adobe System's Flash Player.
For example, one of the updates fixes a flaw in Safari that could allow malicious sites to appear as trustworthy destinations, complete with the little lock icon, without proper authentication. In this case, the flaw was fixed by disallowing anonymous SSL (Secure Sockets Layer) connections by default, Apple said.
Also covered by the updates are flaws that could allow arbitrary code execution from a malicious JPEG2000 image and ones that could allow local users to take advantage of failed attempts to log in to a network account. The fixes can be downloaded either as Mac OS X version 10.4.8 or as Security Update 2006-006, Apple said, adding that either download will correct the identified flaws.
Apple last updated Mac OS X 10.4 in June, with several patches and bug fixes delivered as Mac OS X version 10.4.7. Earlier this month, Apple issued an update to fix serious flaws in its AirPort wireless driver software that could allow Macs to be hijacked through wireless connections. More information on the current batch of updates can be found on Apple's Web site.
Play video
There are currently no comments for this post.