The flaws -- rated "highly critical" by tracking firm Secunia -- are spread out across a number of operating system components: Alias Manager, Core Types, C++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN and WebKit.
The largest number of holes -- nine -- reside in Tomcat, an application server that that executes Java programs used to create dynamic web pages.
Additionally, the update fixed six flaws in the open-source Ruby programming language.
Apple additionally plugged a memory corruption vulnerability relating to the handling of JavaScript in Safari 3.
Apple apparently did not fix a vulnerability in its ARDAgent (Apple Remote Desktop) that allows programs to run as root due to an error in the processing of AppleScripts, a Mac programming language. The hole gave rise to an alleged in-the-wild trojan.
See original article on scmagazineus.com
_(33).jpg&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
iTnews Benchmark Awards 2026
iTnews Cloud Covered Breakfast Summit
The 2026 iAwards
_(1).jpg&h=140&w=231&c=1&s=0)
