Apple delivers fourth Mac OS X update of year

By

Apple on Monday delivered fixes for 25 vulnerabilities in its Mac OS X platform, plus a patch for a Safari bug.


Apple on Monday released Mac 0S x 10.5.4, which includes patches for 25 security holes, many of which could be exploited to execute arbitrary code.

The flaws -- rated "highly critical" by tracking firm Secunia -- are spread out across a number of operating system components: Alias Manager, Core Types, C++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN and WebKit.

The largest number of holes -- nine -- reside in Tomcat, an application server that that executes Java programs used to create dynamic web pages.

Additionally, the update fixed six flaws in the open-source Ruby programming language.

Apple additionally plugged a memory corruption vulnerability relating to the handling of JavaScript in Safari 3.

Apple apparently did not fix a vulnerability in its ARDAgent (Apple Remote Desktop) that allows programs to run as root due to an error in the processing of AppleScripts, a Mac programming language. The hole gave rise to an alleged in-the-wild trojan.

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Victoria's first government tech chief steps down

Victoria's first government tech chief steps down

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Log In

  |  Forgot your password?