Apple has fixed more than 130 vulnerabilities with a Mac OS X update, many of which could be exploited by hackers if users do not get the latest version of the operating system.
Mac OS X 10.6.5 includes fixes for a wide array of problems, from issues in QuickTime and Image Capture to a large number of vulnerabilities existing in the Flash Player plug-in.
“Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution,” Apple warned in an advisory.
There is also a fix for a memory management issue in the operating system’s kernel, which could allow a local user to cause an unexpected system shutdown, and the update includes MySQL version 5.0.91 that plugs numerous security holes.
“Many of the vulnerabilities could be exploited by malicious hackers to run unauthorised code on your Mac computer, opening you up to the potential of being spied upon, having information stolen, or cyber criminals commandeering your Mac into becoming part of a botnet,” warned Graham Cluley, senior technology consultant at Sophos, in a blog.
“So, don't delay. Investigate rolling this update onto your Apple Macs as soon as possible.”
Mac security flaws have skyrocketed this year, according to figures from Panda Security.
In 2009, 34 vulnerabilities were detected in the Mac OS and so far in 2010 this has risen to over 170, the security firm reported in October.
Many experts have this year challenged the belief that Macs are inherently safe.
This article originally appeared at itpro.co.uk
Copyright © ITPro, Dennis Publishing
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.