Apple delivers fourth Mac OS X update of year

By on

Apple on Monday delivered fixes for 25 vulnerabilities in its Mac OS X platform, plus a patch for a Safari bug.

Apple on Monday released Mac 0S x 10.5.4, which includes patches for 25 security holes, many of which could be exploited to execute arbitrary code.

The flaws -- rated "highly critical" by tracking firm Secunia -- are spread out across a number of operating system components: Alias Manager, Core Types, C++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN and WebKit.

The largest number of holes -- nine -- reside in Tomcat, an application server that that executes Java programs used to create dynamic web pages.

Additionally, the update fixed six flaws in the open-source Ruby programming language.

Apple additionally plugged a memory corruption vulnerability relating to the handling of JavaScript in Safari 3.

Apple apparently did not fix a vulnerability in its ARDAgent (Apple Remote Desktop) that allows programs to run as root due to an error in the processing of AppleScripts, a Mac programming language. The hole gave rise to an alleged in-the-wild trojan.

See original article on scmagazineus.com
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?