Apple releases OS X update, fixes 13 flaws

By

Fifth OS update of the year.

Apple has issued an update to Mac OS X to fix 13 vulnerabilities, including one that is similar to the “jailbreak” flaw already patched in its mobile operating system.

Apple releases OS X update, fixes 13 flaws

The update affects client and server versions of Mac OS X 10.5 (Leopard) and 10.6 (Snow Leopard).

It includes a fix for a stack buffer overflow bug in Apple Type Services' handling of embedded fonts, which may lead to arbitrary code execution, according to Apple's advisory. The vulnerability could be exploited if a user is tricked into viewing or downloading a document containing a maliciously crafted embedded font.

The flaw is similar to a vulnerability patched earlier this month in Apple's mobile operating system, iOS, that was exploited to jailbreak iPhone, iPad and iPod Touch devices, researchers at Mac security firm Intego wrote in a blog post.

The update also includes fixes for bugs in several other OS X components, including CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP and Samba. Those vulnerabilities could allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, or impersonate hosts within a domain, according to an advisory posted by US-CERT.

This is the fifth OS X security update this year.

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?