Apple unveils massive patch update

Cath Everett | Nov 11, 2009 6:06 AM
32 patches for critical flaws released.

Apple has released its sixth security update for its Mac operating systems this year, with a huge 32 out of 58 accompanied by the phrase “may lead to arbitrary code execution”, which in the vendor’s jargon means critical.

Included in the patches were five specifically aimed at vulnerabilities in Snow Leopard, aka Apple Mac OS X 10.6, which was newly launched in August.

These vulnerabilities included a pair of bugs in the CoreMedia component’s parsing of H.264 movie files, one in ImageIO’s handling of TIFF files and vulnerabilities in the kernel and launch services.

Four other bug fixes also sorted out critical vulnerabilities in QuickTime 7.6.4, the version that was originally packaged with Snow Leopard.

This is the second round of fixes published for the new operating system in as many months.

The first was delivered on 10 September to fix nine flaws in Adobe’s Flash Player.

Although the holes had been plugged by late July, it did not leave enough time to include them in Snow Leopard before its launch.

The appearance of the new offering has also led to the removal of Tiger, aka Mac OS X 10.4, which first appeared in April 2005, from security support schedules.

Apple traditionally stops providing security updates for its oldest supported operating system several months after the release of a new one.