Network News

X My Profile
View More Activity

Apple ships 50+ security updates

Apple has shipped a large security update for computers running its Leopard and Snow Leopard operating systems for the Mac. The bundle contains security fixes for more than 50 vulnerabilities, including updates for components like Adaptive Firewall, FTP server, QuickTime and Spotlight.

The update applies to Snow Leopard (10.6.x) and Mac OS X Leopard (10.5.8) systems, as well as OS X Server versions of these operating systems. Users can grab the patches directly from Apple Downloads or via the Mac's built-in Software Update feature.

Some of the individual fixes in these bundles are interesting in their own right. For example, Apple said that a vulnerability in Snow Leopard's Login Window could let a user log in to any account without supplying a password. Another update, this one for a bug in Leopard' Dictionary program, is limited to users on the local network, but gives a whole new meaning to the term "dictionary attack"; Apple said a maliciously crafted Javascript could allow a user on the local network to drop hostile code on another Mac user's system.

Read more about the individual updates here.

By Brian Krebs  |  November 10, 2009; 10:57 AM ET
Categories:  New Patches , Safety Tips  | Tags: apple patch  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Nastygram: MySpace phish plants spy software
Next: Eight indicted in $9M RBS WorldPay heist


could u ask apple for a comment on the exact status of the keyboard firmware vulnerability from black hat? the security update says that now "system privileges" are required to send a firmware update to a keyboard. this doesn't sound like the problem has actually been patched...

Posted by: nospamplease555 | November 12, 2009 2:56 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company