Apple patches Mac OS X vulnerabilities

By

Security update fixes 15 flaws in Flash and Safari.

Apple patches Mac OS X vulnerabilities
Security update fixes 15 flaws in Flash and Safari. Apple has released a security update that fixes 15 different vulnerabilities in Mac OS X.

The update has been classified by security firm Secunia as 'highly critical', its second highest alert level, owing to the danger of remote code execution on unpatched systems.

Among the vulnerabilities is a flaw in the CFNetwork component used by Apple's Safari browser that could allow unauthenticated SSL sites to appear as authenticated.

This could leave a user vulnerable to fraudulent sites that would be presented as secure.

Fixes for Adobe Flash Player which Secunia has listed as 'highly critical' are also included in the update. The vulnerabilities could allow attackers to execute code remotely via a specially crafted .swf file.

Other fixes address vulnerabilities in PICT and jpeg2000 image handling components and several LoginWindow flaws.

The Mac OS X 10.4.8 update is for users with a version of MacOS X 10.4 or Mac OS X 10.4 server already installed. Security Update 2006-006 is for users running Mac OS X 10.3.9 and Mac OS X Server.

The security fix comes one week after Apple released a patch for vulnerabilities in its AirPort wireless networking components.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
applemacospatchessecurityvulnerabilitiesx

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise
VicRoads to phase out passwords in favour of passkeys

VicRoads to phase out passwords in favour of passkeys
Service NSW centralises security, networking in mammoth CloudOps overhaul

Service NSW centralises security, networking in mammoth CloudOps overhaul
Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?