Mac OS X update fixes over 130 vulnerabilities

By Tom Brewster on Nov 15, 2010 7:06 AM
Filed under Security

Mac looking more vulnerable over time.

Apple has fixed more than 130 vulnerabilities with a Mac OS X update, many of which could be exploited by hackers if users do not get the latest version of the operating system.

Mac OS X 10.6.5 includes fixes for a wide array of problems, from issues in QuickTime and Image Capture to a large number of vulnerabilities existing in the Flash Player plug-in.

“Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution,” Apple warned in an advisory.

There is also a fix for a memory management issue in the operating system’s kernel, which could allow a local user to cause an unexpected system shutdown, and the update includes MySQL version 5.0.91 that plugs numerous security holes.

“Many of the vulnerabilities could be exploited by malicious hackers to run unauthorised code on your Mac computer, opening you up to the potential of being spied upon, having information stolen, or cyber criminals commandeering your Mac into becoming part of a botnet,” warned Graham Cluley, senior technology consultant at Sophos, in a blog.

“So, don't delay. Investigate rolling this update onto your Apple Macs as soon as possible.”

Mac security flaws have skyrocketed this year, according to figures from Panda Security.

In 2009, 34 vulnerabilities were detected in the Mac OS and so far in 2010 this has risen to over 170, the security firm reported in October.

Many experts have this year challenged the belief that Macs are inherently safe.

This article originally appeared at itpro.co.uk

Mac OS X update fixes over 130 vulnerabilities

5 comments in this discussion

"It will be interesting to see what happens to Flash after IE9 FINAL comes out with HTML5 support. Iirc that will make all three major browsers HTML5 compliant."

By Ezy2Confuze

Tags

mac, os, update, 130, security, vulnerability, patch

Tax Office tests e-tax for Mac

Further security flaws found in Java Runtime Environment

Hackers exploit zero-day hole in Internet Explorer

Samsung, Dell printers remotely exploitable

Breaking Stories

Alacer Gold turns ERP refit project to Australia

NSW Govt bids for self-service analytics

NSW Police take aim at 3D-printable guns

Google faces new federal antitrust probe

US ISP to rip out Huawei equipment

Comments: 5

Bob Nov 15, 2010 9:27 AM	So security companies advise getting more security? Wow. "large number of vulnerabilities existing in the Flash Player plug-in." Yes, but not restricted to Apple (fixed in iPhone!). Issues in "Image Capture" Yes, supports new cameras natively for Raw capture. MySQL, most users don't enable it. Even on servers it's not enabled by default. Not panicking too much.
gikku Nov 15, 2010 11:07 AM	“Multiple issues exist in the Adobe Flash Player plug-in" umm, "42% of Mac OS X 10.6.5 Security Updates Were Fixing Bugs In Adobe Flash" http://www.cultofmac.com/42-of-mac-os-x-10-6-5-security-updates-were-fixing-bugs-in-adobe-flash/69248 uninstall flash from Mac OS X http://daringfireball.net/2010/11/flash_free_and_cheating_with_google_chrome Masquerade as Mobile Safari to Get Websites to Serve HTML5 Video to Safari on Mac OS X http://daringfireball.net/2010/11/masquerading_as_mobile_safari
Ace Nov 15, 2010 11:49 AM	So @gikku, you seem to be recommending that now Apple has released fixes for Adobe Flash Player, people should uninstall Flash. Curious. Fact is, Flash is a core piece of many sites, so it's hard to avoid. Better having it fixed and installed.
tabletpc Nov 15, 2010 12:22 PM	I see the fanbois are still in denial though. Apple's are just so easy... Like getting your safari to masquerade for HTML5. My grandma could do that! haha!
Ezy2Confuze Nov 15, 2010 4:35 PM	It will be interesting to see what happens to Flash after IE9 FINAL comes out with HTML5 support. Iirc that will make all three major browsers HTML5 compliant.